ChirpPad AML/KYC Policy

This Anti-Money Laundering and Know Your Customer Policy (hereinafter – the “AML/KYC Policy”) is a document of ChirpPad Ltd., a company established and operating in accordance with the legislation of the British Virgin Islands (“ChirpPad”, “We”, “us”, “our”).

This document has the main purpose to prevent and mitigate possible risks of ChirpPad being involved in any kind of illegal activity.

Both international and local regulations require ChirpPad to implement effective internal procedures and mechanisms to prevent money laundering, terrorist financing, drug, and human trafficking, the proliferation of weapons of mass destruction, corruption, and bribery and to take action in case of any form of suspicious activity from its Users.

This AML/KYC Policy covers the following matters:

1. General User Acceptance Principles

ChirpPad shall classify users through different risk evaluation criteria based on the risk perception of each user. If the attracted user is a new user, his/her/its account can be activated only upon successfully undergoing the due diligence procedure and passing through all necessary identification measures, which are set forth in the Policy. All documents and data required to be obtained pursuant to ChirpPad’s under this Policy must be collected before accepting a new User. No user shall be accepted an anonymous or fictitious name(s).

In order to identify and counter money laundering (ML) and terrorism financing (TF) risks, ChirpPad has developed an anti-money laundering guideline to facilitate compliance with AML/CFT good practices which include internal procedures that ChirpPad and its employees must follow on how to identify, assess and respond to money laundering and terrorist financing risks.

2. What is Money Laundering & Terrorist Financing?

Money laundering is the process by which the illegal origin of wealth is disguised to avoid suspicion of law enforcement authorities and to wipe the trail of incriminating evidence. Terrorists and terrorist organizations though may not be keen to disguise the origin of their money but would be interested in concealing the destination and the purpose for which the money is collected. Therefore, terrorists and terrorist organizations could also employ techniques to hide and disguise money. Governments around the world recognize the corrosive dangers that unchecked money laundering poses to their economic and political systems and have prescribed acts, rules, and regulations for the prevention of money laundering.

3. What is a money laundering offense?

The offense of Money Laundering is defined as whosoever directly or indirectly attempts to indulge or knowingly assists or knowingly is a party or is actually involved in any process or activity connected with the proceeds of crime and projecting it as untainted property shall be guilty of the offense of money-laundering. “Proceeds of crime” means any property derived or obtained, directly or indirectly, by any person as a result of criminal activity relating to a scheduled offense or the value of any such property.

4. What is the International standard against AML & CTF activities?

The Financial Action Task Force (FATF) is an inter-governmental body that sets standards and develops and promotes policies to combat money laundering and terrorist financing. The Forty Recommendations and Nine Special Recommendations of FATF provide a complete set of counter-measures against money laundering covering the criminal justice system and law enforcement, the financial system and its regulation, and international cooperation. These Recommendations have been recognized, endorsed, or adopted by many international bodies as the international standards for combating money laundering. Website of FATF – www.fatf-gafi.org.

5. Users Acceptance Criteria
   1. No account shall be opened in an anonymous or fictitious/name(s).
   2. No transaction or account-based relationship will be undertaken without following the Client Due Diligence (CDD) procedure.
   3. The mandatory information to be sought for KYC purposes while opening an account and during the periodic updates as specified, should be obtained.
   4. Optional/additional information is obtained with the explicit consent of the user after the account is opened.
   5. Circumstances, in which a user is permitted to act on behalf of another person/entity, should be clearly spelled out in conformity with the established law as there could be occasions when an account is operated by a mandate holder or where an intermediary may open an account in a fiduciary capacity.

Any person who does not meet the above-specified requirements can be a user of the ChirpPad platform only if the platform operator has given consent for it. ChirpPad can refuse to register a user at its own discretion, impose additional requirements for the registration of a user, or change the existing requirements at its own discretion at any time.

Parameters of risk assessment in terms of the user’s identities, social/ financial status, nature of the business activity, information about the user’s business and their locations, etc. have been defined to enable the categorization of users into low, medium, and high risk.

ChirpPad shall not open an account where it is unable to apply appropriate CDD measures, i.e. ChirpPad is unable to verify the identity and/or obtain documents required as per the risk categorization due to non-cooperation of the user or non-reliability of the data/information furnished to ChirpPad. Meanwhile, it may be necessary to have suitable built-in safeguards to avoid harassment of the user. For example, the decision to close an account may be taken at a reasonably high level after giving due notice to the user explaining the reasons for such a decision.

Users that are likely to pose a higher-than-average risk to the company shall be categorized as a medium or high risk depending on the user’s background, nature and location of activity, country of origin, sources of funds, user profile, etc. ChirpPad shall apply enhanced due diligence measures based on the risk assessment, thereby requiring intensive ‘due diligence’ for higher-risk users, especially those for whom the sources of funds are not clear. Examples of users requiring enhanced due diligence shall include (a) high net worth individuals, (b) trusts, charities, NGOs, and organizations receiving donations, (c) companies having close family shareholding or beneficial ownership, (d) firms with ‘sleeping partners’, (e) Politically Exposed Persons, (f) non-face to face users, and (g) those with dubious reputation as per public information available, etc.

6. Card verification

The Users who are intended to use payment cards in connection with the ChirpPad’s Services have to pass card verification in accordance with instructions available on the ChirpPad’s Site.

7. User identification and payment processing procedures

When defining money laundering (ML) and terrorism financing (TF) risks ChirpPad applies a risk-based approach during which ChirpPad’s users go through due diligence procedures, elaborated in accordance with standing U.S. AML/KYC regulations. This Policy defines the process of assessing money laundering and terrorist financing risk, the information to be collected, and the way such information is processed and verified.

ChirpPad’s users (personal data processing objects) are individuals and legal entities that meet the requirements of this Policy and ChirpPad’s Terms of Service. ChirpPad identifies the user by obtaining a range of information about him/her/it. The verification of the identity consists of verifying some of this information against documents or information obtained from a reliable source that is independent of the user.

The following information may be received for identification purposes from a user:

1. From individual: name and surname; date of birth; place of birth; citizenship; gender; personal identity number (if such exists); photograph of an official document which confirms his/her identity; proof of residential address; the number of the personal identification document; the expiry date of the identification document; profession; social status; e-mail address, a contact phone number, other information about the user he/she has to clue under the legislation of the country of residence;
2. From legal entity: full name; date of establishment; registration number; tax number; list and full names of beneficiaries and/or current shareholders; Certificate of Incorporation or Certificate of Good Standing (document must be less than 6 month old); Memorandum and Articles of Association; Certificates listing the current directors; Certificates listing the current shareholders; photographs of an official document which confirms identity minimum 1 of beneficiaries; proof of residential address minimum of 1 the beneficiaries; Certificates listing the registered address (document must be less than 6 months old); Board resolution or Power of Attorney confirming appointment of Authorized person; recent company bank statement or audited financial statements; processing history statements for the last 6 months of processing showing business transactions and/or other information about the user it has to clue under the legislation of the British Virgin Islands.

All the provided information is gathered and carefully studied to reveal whether the company has any subsidiaries, or representatives or is in any way connected to countries that do not cooperate in the field of international opposition to money laundering and finance of terrorism, or if those states are considered to be low tax jurisdictions.

Only an authorized legal representative may register a legal entity on our platform. The authorized representative must provide sufficient documentation proving his authority to represent the legal person. 

Once a user is identified and his/her/its identity is verified, ChirpPad must conduct a certain level of due diligence based on a risk-based approach. We use only official sources to check the provided information, such as state registries or foreign representatives. Other sources may be used if there is no doubt regarding their accuracy and competence.

For some business relationships, determined by the Company to present a low degree of risk of ML/TF, simplified due diligence (SDD) may be applied; in the case of higher risk situations, and specifically in relation to PEPs (paragraph 8 hereunder), enhanced due diligence (EDD) measures must be applied on a risk- sensitive basis.ChirpPad would not be required to obtain evidence of identity of an applicant for business where it has reasonable grounds for believing that the applicant for business is (a) a regulated person, (b) a foreign regulated person, or (c) a legal practitioner or an accountant who belongs to a professional body whose rules of conduct or practice embody legal requirements for the detection and prevention of money laundering that are consistent with the requirements of the Caribbean Financial Action Task Force Recommendations or Financial Action Task Force Recommendations and the legal practitioner or accountant us supervised by his professional body for compliance with those requirements.

8. Data Privacy and Retention

ChirpPad is committed to safeguarding all personal data collected during KYC procedures. All data is processed and stored in compliance with applicable data protection regulations, including but not limited to the General Data Protection Regulation (GDPR), Privacy Act of 1979, and other relevant laws in ChirpPad’s operating regions. For more details on our data protection practices, please refer to ChirpPad’s Privacy Policy.

We ensure that the data we collect during KYC procedures will be used solely for identity verification, fraud prevention, and compliance with applicable anti-money laundering (AML) and counter-terrorist financing (CTF) regulations. Personal data will not be processed for any unrelated purposes without explicit user consent or legal requirements.

9. Politically exposed persons

In addition to the aforementioned measures, we are integrated with the largest database of Politically Exposed Persons (the “PEPs“), as well as those of their family members. Whenever a user has been identified as a PEP, enhanced due diligence measures are applied, and senior management approval is necessary for establishing or continuing a business relationship with such a user.

10. Transaction monitoring

ChirpPad has an ongoing live transaction monitoring process for the purpose of detecting suspicious activity. The solution utilizes statistical and analytical techniques to identify patterns of unusual and suspicious behaviors by building profiles on each individual user and comparing their financial activity against expected and/or peer group norms. This is accomplished by using several powerful data analytics tools for flagging anything that falls outside of “normal.”

We reserve the right to refuse to process a transaction at any stage. Especially, when we believe that a transaction is connected in any way to money laundering or any other type of criminal activity. In accordance with U.S. laws, we are not obliged to inform the user that it was reported to the corresponding bodies of the user’s suspicious activity.

11. Reporting

ChirpPad has established a way in which its staff consults with their line managers to provide evaluation for the rationale of the further disclosure; by no means, does this prevent contacting the compliance officer directly. All internal reports are registered appropriately; the compliance officer maintains a secure suspicious report register. The framework is created in such a way that a reasonable and faithful evaluation is provided for each report that is received. The compliance officer assesses the risk that is posed by a transaction or activity. In cases where there are associated accounts, an examination of such relationships is to be carried out. If an internal review has indicated enough grounds to know or suspect that any benefit has been acquired and if criminal property exists, an external SAR report is to be submitted promptly.

12. Record keeping

Records must be kept of all users’ identity, the supporting evidence of verification of identity (in each case including the original and any updated records), ChirpPad’s business relationship with them, and details of any occasional transactions. As per regulatory requirements, we keep records for at least five years from the date a business relationship ends or from the date of the last transaction.

13. Training

We make sure that employees are aware of our AML program and request that training is provided to all employees (new and existing) before conducting business activities, and, at a minimum, must include:

1. Understanding and recognizing money laundering and fraud;
2. Verifying user identification;
3. Identifying suspicious activity and structured transactions;
4. Reporting requirements related to all transactions.

Additional training should be provided regularly to all employees based on, but not limited to, changes in government regulations of ChirpPad. AML Compliance Program requirements, related procedures, and policies, or in the event of a performance issue related to an AML incident.

14. Escalation Protocol for High-Risk Users and Transactions

1. Identification of High-Risk Users and Transactions. ChirpPad employs advanced monitoring systems to identify users and transactions that exhibit high-risk characteristics, including but not limited to unusually large transactions, multiple flagged activities, or associations with sanctioned entities or jurisdictions.
2. Escalation Proces. Upon identification of a high-risk user or transaction, the following steps will be taken:
   1. Initial Review: The compliance team will conduct a preliminary analysis of the flagged activity within 24 hours of detection.
   2. Internal Escalation: If the initial review confirms the potential for suspicious activity, the case will be escalated to the designated compliance officer or head of AML/KYC for further investigation within 48 hours.
   3. External Reporting: If deemed necessary, ChirpPad will report the activity to relevant regulatory authorities or financial intelligence units (FIUs) as per applicable laws within 72 hours of the escalation decision.
3. Timelines for Follow-Up Actions
   1. User Notification: Where legally permissible, users involved in flagged transactions may be notified within 7 business days, except in cases where such notification could compromise an ongoing investigation.
   2. Account Restrictions: Accounts may be temporarily restricted or transactions paused during the investigation, and users will be informed of the status within 48 hours.
   3. Resolution: All escalated cases will be resolved and documented within a maximum of 30 days, subject to the complexity of the case and regulatory obligations.
4. Recordkeeping
   Detailed records of all escalations, investigations, and follow-up actions will be securely maintained for five years in compliance with applicable laws and ChirpPad’s data retention policy.
5. Transparency and Compliance
   ChirpPad is committed to maintaining transparency and ensuring that escalation procedures comply with applicable laws and regulations. The escalation protocol is designed to ensure rapid and effective responses while safeguarding user rights and maintaining platform integrity.

15. Collaborations with Regulatory Authorities

1. Commitment to Regulatory Cooperation: ChirpPad is dedicated to fostering strong collaborations with local and international regulatory authorities to prevent and combat financial crimes, including money laundering, terrorism financing, and other illicit activities.
2. Provision of Information: ChirpPad will comply with lawful requests from regulatory authorities by providing accurate and timely information related to users, transactions, or any other relevant data, subject to applicable data protection and privacy laws.
3. Proactive Engagement
   1. ChirpPad actively monitors and updates its policies to align with evolving regulatory requirements and international best practices.
   2. The platform may participate in industry forums, regulatory discussions, or compliance initiatives aimed at enhancing the global fight against financial crimes.
4. Cross-Border Coordination: Where applicable, ChirpPad cooperates with multiple jurisdictions to address financial crimes that span borders. This includes adherence to mutual legal assistance treaties (MLATs) and coordination with financial intelligence units (FIUs).
5. Suspicious Activity Reporting: ChirpPad ensures that all suspicious activity is reported to the relevant authorities promptly and in accordance with applicable laws. The platform will also collaborate with regulators in any investigations arising from such reports.
6. Transparency and Accountability: ChirpPad commits to maintaining transparency in its dealings with regulators while protecting user data under applicable laws.Regular audits and assessments will be conducted to ensure compliance with regulatory expectations.