Reliable Gateways

Aml Kyc Policy

1. INTRODUCTION AND DEFINITIONS

1a. Policy Statement

Reliable Gateways is steadfast in its commitment to uphold the highest standards of integrity and accountability in all its business operations. Recognizing the potential risks associated with money laundering and terrorist financing in the e-commerce and payment processing sectors, we have instituted a comprehensive Anti-Money Laundering (AML) policy. This policy is designed to prevent, detect, and combat any attempt to use our platform for money laundering activities or the financing of terrorist operations.

Our AML policy and practices are in strict compliance with the laws and regulations of the United Arab Emirates, particularly those pertaining to Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT). Reliable Gateways engages in continuous monitoring and reviewing of our AML strategies to adapt to new risks and regulatory requirements, ensuring that our operations remain secure and transparent.

By implementing these rigorous policies, Reliable Gateways aims to protect its operations from being exploited for illegal activities, thereby safeguarding the interests of our clients, partners, and the financial system at large. We commit to cooperating fully with regulatory authorities to support the fight against financial crime both locally and internationally.

1b. Definitions

To ensure clarity and compliance, we define the following key terms used in our Anti-Money Laundering (AML) policy:

  • Money Laundering: The process of making illegally-gained proceeds (i.e., “dirty money”) appear legal (i.e., “clean”). This generally involves three steps:
    • Placement: Depositing the illicit funds into the financial system, disguising them as legitimate transactions, or buying monetary instruments.
    • Layering: Concealing the source of the funds through a series of complex transactions and bookkeeping tricks.
    • Integration: The illicit funds are reintegrated into the economy as legitimate funds, used for purchasing assets, funding businesses, or supporting other legal activities.
  • Terrorist Financing: The process of providing financial support to individuals or groups engaged in terrorist activities, whether these funds come from legitimate or illegitimate sources. This often involves concealing the origin or intended use of the funds to avoid detection and prevent tracking.
  • AML/CFT Laws and Regulations: Refers to the body of laws and regulations designed to combat money laundering and the financing of terrorism. This includes, but is not limited to, UAE Federal Law No. 20 of 2018 and Cabinet Resolution No. 10 of 2019.
  • KYC (Know Your Customer): The process of a business identifying and verifying the identity of its clients, which is a legal requirement in many jurisdictions to help prevent money laundering and terrorist financing. This process often involves collecting reliable, independent source documents, data, or information.
  • PEP (Politically Exposed Person): An individual who is or has been entrusted with a prominent public function. Due to their position and influence, it is recognized that many PEPs are in positions that potentially can be abused for the purpose of committing money laundering offenses and related predicate offenses, including corruption and bribery, as well as conducting activity related to terrorist financing.

2. LAWS AND REGULATIONS

Reliable Gateways rigorously adheres to a variety of laws and regulatory frameworks designed to prevent money laundering and terrorist financing. These laws and regulations are integral to our operational, compliance, and enforcement strategies. Below is an overview of the primary legal frameworks that guide our AML policies:

  • UAE Federal Law No. 20 of 2018: This law on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organizations outlines the obligations for financial institutions and other regulated entities to implement robust AML/CFT procedures. It emphasizes the need for adequate systems to prevent financial crimes.
  • Cabinet Resolution No. 10 of 2019: Implementing regulations for Federal Law No. 20 of 2018, this resolution provides detailed guidelines on the measures that must be taken to detect, report, and mitigate risks associated with money laundering and terrorist financing.
  • UAE Federal Law No. 7 of 2014: On Combating Terrorism Crimes, this law defines terrorism-related offenses and sets forth penalties. It also outlines measures for freezing funds and taking necessary actions against those involved in terrorism financing.
  • UAE Federal Penal Law No. 3 of 1987 as amended (Penal Code) and UAE Federal Penal Procedures Law No. 35 of 1992 as amended: These laws provide the foundational legal framework for criminal justice procedures related to any form of financial crime.
  • Regulations Regarding Declaration by Travelers: These regulations, issued in 2011, mandate the declaration by travelers entering or leaving the UAE with cash and monetary instruments over a specified threshold, which is critical for preventing the cross-border movement of illicit funds.
  • UAE Federal Law No. 5 of 2012: On Combating Cyber Crimes, which includes provisions to combat crimes committed via electronic means, including fraud and identity theft that can be part of money laundering schemes.
  • UAE Central Bank Regulations Concerning Procedures for Anti-Money Laundering: Notably, Circular No. 24/2000 and its subsequent amendments lay down specific requirements for financial institutions about customer identification, transaction monitoring, and reporting suspicious activities.
  • International Cooperation and Compliance: Reliable Gateways also commits to adhering to international standards and cooperating with global financial regulatory bodies. This includes compliance with the guidelines set by the Financial Action Task Force (FATF) and respecting sanctions and directives issued by international bodies such as the United Nations.

3. OBLIGATIONS

Reliable Gateways is committed to upholding the highest standards of regulatory compliance and integrity in its operations. Our obligations include the following comprehensive measures to mitigate the risks associated with money laundering, terrorist financing, and other criminal activities:

  • Risk Identification and Assessment: Regularly identify and assess risks related to criminal activities within our business. This includes the potential for money laundering, terrorist financing, and the proliferation of weapons of mass destruction. Our risk assessments are dynamic, taking into account factors like customer profiles, transaction volumes, and geographic regions.
  • Regulatory Reporting: Promptly report unusual or suspicious transactions to the UAE’s Financial Intelligence Unit (FIU) at the Central Bank of UAE. This is a critical component of our compliance framework, ensuring that potential risks are communicated to regulatory authorities timely.
  • Staff Training and Development: Conduct regular training sessions for all staff to ensure they are informed and updated on the latest AML policies, procedures, and compliance requirements. Training includes understanding the nuances of the cryptocurrency industry and the specific risks associated with our e-commerce and payment processing services.
  • Know Your Customer (KYC) Compliance: Implement different levels of KYC depending on the type of customer, ranging from standard due diligence for most customers to enhanced due diligence for high-risk customers, such as politically exposed persons (PEPs) or those from high-risk jurisdictions.
  • Continuous Monitoring and Review: Regularly monitor and evaluate the effectiveness of our risk management strategies and internal controls. This continuous review helps in adapting our risk mitigation measures to evolving threats and regulatory changes.
  • Compliance with FATF Regulations: Ensure full compliance with the regulations set forth by the Financial Action Task Force (FATF). This includes aligning our practices with applicable UN directives concerning the suppression of financing terrorism and the proliferation of weapons of mass destruction.
  • Record Keeping: Maintain accurate and comprehensive records of all customer and transaction data for a minimum of five years, ensuring the confidentiality and security of the data. Our record-keeping practices are designed to support both operational transparency and regulatory compliance.
  • Internal Control Frameworks: Develop and maintain robust internal control frameworks that are tailored to the specific risks identified through our assessments. This includes establishing clear policies, procedures, and guidelines that define employee responsibilities regarding risk management and compliance.
  • Due Diligence Procedures: Design and implement thorough due diligence procedures for customer onboarding and ongoing monitoring. This includes verification of customer identities, sources of funds, and beneficial ownership information.
  • Proactive Compliance Measures: Stay updated on evolving risks and regulatory requirements to ensure proactive mitigation measures are in place. Implement robust systems and processes to detect and report any suspicious activities effectively.
  • International Compliance: Comply with relevant international directives and resolutions to prevent transactions that may contribute to financing terrorism or the proliferation of weapons of mass destruction.

4. PROCEDURES

4a. Know Your Customer (KYC)

At Reliable Gateways, we recognize the critical importance of robust Know Your Customer (KYC) procedures to safeguard our e-commerce and payment processing services from misuse. Our KYC processes are meticulously designed to address the varying risk profiles of each customer, ensuring both compliance with regulatory requirements and the protection of our operations from potential financial crimes.

KYC Levels
  • Standard KYC – Individual Customers:
      • Requirements: Verification of full name, date of birth, citizenship, current residential address, official government-issued identification, and source of funds.
      • Purpose: This level applies to most customers and involves collecting enough information to verify the identity of the individuals and understand the nature of their financial activities.
  • Enhanced KYC – High-Risk Customers:
      • Trigger: This level is triggered when individual transactions exceed $10,000, or when the customer’s activities are deemed higher risk due to their geographic location, nature of business, or transaction behavior.
      • Additional Requirements: Proof of the source of funds, and in certain cases, the transaction must be conducted through bank transfers only, eliminating cash transactions to enhance traceability and security.
  • Ultimate KYC – Critical Risk Customers:
    • Trigger: This level is required for transactions exceeding $100,000 or in situations where there is a significant risk associated with the customer.
    • Additional Requirements: Certified proof of source of funds, certified proof of address, and a physical check of the original or certified ID.
KYC for Corporate Entities

We apply consistent KYC levels to both corporate and individual customers. The logic behind the categorization process remains the same for all. However, for corporate customers, we require additional certified documents to verify their identity and legitimacy. This approach ensures a thorough and professional verification process, fostering trust and compliance with regulatory standards for all our valued customers. These additional documents are:

  1. Certificate of Incorporation
  2. Certificate of Incumbency
  3. Memorandum of Articles
  4. Board Resolution
Decision-Making Process

The decision to escalate a customer from Standard to Enhanced or Ultimate KYC is based on a combination of factors, including analysis of transaction patterns, customer behavior, and emerging trends within the e-commerce and payment processing sectors.

Reliable Gateways utilizes a risk-based approach to determine the appropriate level of due diligence required, ensuring that measures are proportionate to the risks identified.

Ongoing Monitoring and Review

Our KYC procedures are not static; they involve continuous monitoring and periodic review of the customer profiles to ensure that our risk assessments remain current and appropriate to the level of risk presented.

Regular updates to KYC procedures and customer records are mandatory to align with any changes in customer status or relevant legislation.

4b. Sanctions and Transactions Screening
Sanctions Screening

Reliable Gateways is committed to adhering to international and national sanctions regimes to prevent the misuse of our e-commerce and payment processing services. We have implemented a rigorous system for screening individuals and entities against various sanctions lists issued by authoritative bodies. This includes, but is not limited to:

  • United Nations Security Council (UNSC)
  • Office of Foreign Assets Control (OFAC)
  • Office of Financial Sanctions Implementation (OFSI)
  • European Union (EU) Sanctions List
  • Financial Action Task Force (FATF)
  • Local Terrorist List issued by the UAE Supreme Council for National Security
Transaction Monitoring

To further safeguard our operations and comply with AML regulations, Reliable Gateways employs a robust transaction monitoring system. This system is designed to detect and analyze transactions that exhibit unusual or potentially suspicious characteristics, which may indicate money laundering or terrorist financing activities. Key aspects of our transaction monitoring include:

  • Continuous Monitoring: All transactions processed through Reliable Gateways are continuously monitored using advanced analytics that assess risk based on customer profiles and transaction behavior.
  • Frontline Defense: Our frontline staff are equipped and authorized to identify and escalate suspicious activities promptly. They play a crucial role in our initial line of defense against financial crimes by monitoring transactions in real-time.
  • Secondary Reviews: A secondary line of defense involves a more detailed review of transactions flagged by our initial monitoring processes. This includes enhanced scrutiny of customer behavior and transaction patterns to verify their legitimacy and ensure they do not breach any compliance standards.
  • Escalation Procedures: Any transactions or activities that raise concerns are escalated according to predefined protocols. This involves notifying senior compliance officers who undertake further investigation and, if necessary, report to the appropriate regulatory bodies.
4c. Staff Training

At Reliable Gateways, we firmly believe in empowering our employees with the knowledge and skills necessary to effectively contribute to our Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) efforts. Comprehensive training is crucial for fostering a robust compliance culture throughout our organization.

Initial Training
  • Induction Program: All new employees at Reliable Gateways participate in an intensive AML training program within the first 30 days of their employment. This program covers essential aspects of AML regulations, including the identification of suspicious activities, the importance of customer due diligence, and the correct procedures for reporting suspicious transactions.
  • Interactive Learning: To enhance understanding and retention, the initial training includes interactive exercises, case studies, and scenario-based simulations that reflect real-world challenges employees might face.
Ongoing Training and Development
  • Annual Refresher Courses: To ensure that all staff members are updated on the latest AML regulations and best practices, we conduct annual training sessions. These sessions are updated regularly to reflect new developments in the regulatory landscape and emerging trends in financial crimes.
  • Continuous Learning Environment: Employees are encouraged to engage actively in these training sessions, promoting a dialogue-rich environment where they can share insights, ask questions, and discuss real-life scenarios relevant to their roles.
Resources and Support
  • Accessibility to Learning Materials: Employees have continuous access to a wide range of resources, including updated reference materials, online courses, and guidance from AML experts. This access supports their ongoing education and professional development in AML practices.
  • Communication and Reminders: Regular communication about AML compliance is maintained through newsletters, emails, and internal meetings. This helps keep AML practices at the forefront of daily activities and ensures compliance is a consistent priority.
Empowerment through Knowledge
  • Practical Application: Training is designed not just to inform but also to empower employees to apply their knowledge practically in monitoring and reporting activities. This approach enhances their ability to effectively identify and mitigate potential risks associated with money laundering and terrorist financing.
Feedback and Evaluation
  • Feedback Mechanisms: We regularly solicit feedback from our employees on the training processes to continuously improve the effectiveness and relevance of our training programs.
  • Assessment and Adaptation: Employee performance in AML-related tasks is assessed periodically to tailor further training and support, ensuring that our staff remains competent and confident in their roles.
4d. Record Keeping and Confidentiality

We understand the critical importance of stringent record-keeping and confidentiality to maintain compliance with the regulations set forth by the Central Bank of the UAE and to protect the integrity of our e-commerce and payment processing services.

Document Collection and Verification
  • Initial Collection: As part of our KYC process, we collect and verify identification documents from new customers. This includes government-issued IDs, utility bills, and other pertinent documents to confirm their identity and legitimacy.
  • Accuracy and Completeness: We ensure that all documents are up-to-date and thoroughly checked for completeness and validity at the point of collection.
Secure Storage
  • Encryption and Access Control: All customer identification documents and transaction records are stored in a highly secure, encrypted database. Access is strictly limited to authorized personnel to maintain confidentiality and prevent unauthorized access.
  • Security Protocols: We implement advanced security measures, including multi-factor authentication and regular security audits, to safeguard our data storage systems.
Data Backup and Disaster Recovery
  • Regular Backups: We regularly back up all records to protect against data loss. Backups are stored securely off-site and are accessible only to designated recovery personnel.
  • Disaster Recovery Plans: Robust disaster recovery protocols are in place to ensure quick restoration of data and minimal service interruption in case of an incident.
Retention Period
  • Regulatory Compliance: In compliance with UAE regulations, we retain all customer records for a minimum period of five years from the date of the customer’s last transaction or the termination of the business relationship.
  • Review and Audit: The retention period is regularly reviewed to ensure compliance with changing regulations and business needs.
Data Purging
  • Secure Disposal: Once the retention period has expired, we securely and permanently purge customer records in compliance with data protection regulations, ensuring that personal information is disposed of responsibly.
Confidentiality and Non-Disclosure
  • Employee Training: All employees receive thorough training on the importance of data confidentiality and are bound by confidentiality agreements to protect customer information.
  • Ongoing Awareness: Regular reminders and updates about confidentiality obligations are provided to ensure continued vigilance.
Compliance Monitoring and Auditing
  • Internal Audits: Regular internal audits and compliance checks ensure that our record-keeping practices align with regulatory requirements. Discrepancies or issues identified are promptly addressed and rectified.
  • Regulatory Cooperation: We cooperate fully with legitimate requests from regulatory authorities or law enforcement, ensuring compliance with data protection laws while respecting customer privacy rights.
4e. AML Compliance Person Duties

At Reliable Gateways, the Anti-Money Laundering (AML) Program Compliance Person plays a pivotal role in maintaining and enhancing our compliance framework. This individual, with comprehensive expertise in AML/CFT regulations, oversees the entire spectrum of our AML activities.

Qualification and Appointment
  • Expertise and Continuous Learning: The AML Compliance Person is selected based on their profound understanding and experience in AML/CFT practices. They are committed to continuous professional development, regularly attending seminars and workshops to stay updated with evolving compliance landscapes and best practices.
Understanding and Implementing Regulations
  • Regulatory Mastery: This individual conducts detailed reviews of existing and new AML/CFT laws, regulations, and guidelines globally and particularly those relevant to the UAE. They consult with industry experts to deepen their understanding and ensure our practices align with regulatory requirements.
Monitoring Compliance
  • Systematic Oversight: To ensure ongoing adherence to AML/CFT obligations, the AML Compliance Person establishes a robust monitoring system that includes regular audits and risk assessments. They utilize advanced AML software and analytics tools to detect and address potential compliance issues.
Communication and Training
  • Educational Programs: They are responsible for developing structured AML training programs for all employees. These sessions utilize real-world scenarios and case studies to enhance understanding and practical application of AML principles.
Risk Assessments
  • Collaborative Analyses: In collaboration with relevant departments, the AML Compliance Person gathers and analyzes data on transaction patterns and customer profiles. They conduct comprehensive risk assessments to identify areas requiring heightened scrutiny and develop strategies to mitigate these risks.
Record Keeping
  • Secure and Systematic Documentation: They design and maintain an organized, secure, and accessible record-keeping system for all AML-related documents and reports. Digital solutions are leveraged to manage sensitive data securely, ensuring they are auditable and compliant with legal requirements.
Suspicious Activity Reports (SARs)
  • Standardized Reporting: A standardized SAR process is in place to facilitate the timely and accurate reporting of suspicious activities. The AML Compliance Person regularly trains staff involved in these procedures, ensuring that all reports are thorough and meet regulatory standards.
Reporting and Accountability
  • Transparent Reporting: They prepare detailed reports on the effectiveness of the AML program, presenting findings to senior management and regulatory bodies. These reports reflect the organization’s commitment to proactive risk management and compliance.

5. THREE LAYERS OF IMPLEMENTATION

We employ a rigorous and layered approach to uphold the highest standards of security and compliance across all our e-commerce and payment processing activities. This structured approach is designed to ensure comprehensive protection and regulatory adherence throughout our operations.

First Layer: Staff
  • Role and Training: Our staff are crucial in the early detection and reporting of potential suspicious activities. They undergo extensive AML training to equip them with the skills necessary to identify and act on red flags effectively. This training includes practical exercises and real-world scenarios to ensure they are prepared to handle various challenges.
  • Utilization of Monitoring Tools: Staff members are proficient in using advanced transaction monitoring systems that help track and analyze customer transactions. These tools are integral to ensuring the accurate collection of necessary data, allowing for seamless integration with our broader AML compliance efforts.
Second Layer: AML Compliance Officer
  • Central Oversight: The AML Compliance Officer is the linchpin in our AML framework, responsible for overseeing all aspects of our compliance efforts. This highly qualified professional ensures that our procedures are continuously updated and fully aligned with both local and international regulatory standards.
  • Process Monitoring and Risk Management: The officer meticulously monitors and analyzes reports generated by frontline activities and the systems in place. They assess these insights to pinpoint potential risks, ensuring swift and effective resolutions to any compliance issues.
Third Layer: Advanced Monitoring Software
  • Technological Defense: We utilize state-of-the-art software that specializes in monitoring e-commerce transactions and payment processes. This software is equipped with cutting-edge technology and comprehensive databases that enable real-time analysis of transaction legitimacy.
  • Integration and Automation: The software seamlessly integrates with our internal systems, providing an additional layer of defense. Its sophisticated algorithms help detect suspicious activities quickly, significantly bolstering our overall AML efforts.
Collaborative Dynamics

The synergy between our well-trained staff, the vigilant oversight of the AML Compliance Officer, and our cutting-edge monitoring technology forms an impenetrable defense against potential financial crimes. This tri-layered approach ensures that each segment of our operation is secure, compliant, and transparent, safeguarding our business from the ever-evolving threats of financial crimes.

6. CONCLUSION

Reliable Gateways is unequivocally committed to upholding a secure and compliant operational environment, vital for our e-commerce and payment processing services. We implement rigorous measures to safeguard against money laundering, terrorist financing, and other illicit activities that could undermine our operations and the trust placed in us by our clients.

Stringent Financial Practices

We ensure that all transactions are conducted through authorized and recognized financial institutions. This practice significantly mitigates the risk of engaging with potentially non-compliant sources and enhances the security of financial flows.

Rigorous KYC and Due Diligence

Our comprehensive KYC procedures are at the core of our operations. They provide a clear understanding of our customers’ identities and their business activities, substantially reducing the risk of our platform being used for illicit purposes. This thorough vetting process is critical in preempting potential risks associated with financial crimes.

Ongoing Policy Enhancement

Under the guidance of our dedicated AML Compliance Officer, we continuously review, update, and refine our policies and procedures to align with both current and emerging regulations and best practices. This adaptability ensures our compliance framework remains robust and effective against the backdrop of a rapidly evolving regulatory landscape.

Commitment to High Standards

Reliable Gateways is dedicated to fostering a business environment rooted in trust and security. Our overarching goal is to maintain the highest standards of integrity and transparency, ensuring that our clients can conduct their transactions with confidence and peace of mind.

Proactive Engagement and Improvement

We are proactive in our approach to AML compliance, engaging with regulatory bodies and participating in industry discussions to stay ahead of new developments in financial security. Our commitment extends beyond mere compliance; we aim to set a benchmark for best practices in the industry, contributing to broader efforts to combat financial crimes globally.

Through these concerted efforts, Reliable Gateways not only protects its operational integrity but also supports the broader financial ecosystem in combating financial crimes.