AML/KYC rules

GENERAL AML/KYC POLICY

1. This Anti-Money Laundering and Know Your Customer Policy (hereinafter – the “AML/KYC Policy”) of badalpay.exchange service (hereinafter “Service”), reflects main provisions of Service compliance policies designated to prevent and mitigate possible risks of Service being involved in any kind of illegal activity.

2. Both international and local regulations require Service and its Administration to implement effective internal procedures and mechanisms to prevent money laundering, terrorist financing, drug and human trafficking, proliferation of weapons of mass destruction, corruption and bribery and to take action in case of any form of suspicious activity from its Users. This Policy is prepared in accordance with Federal Republic of Somalia Anti-Money Laundering and Countering the Financing of Terrorism Act, 2016 and best practices implemented in accordance with Directive (EU) 2024/1640 of the European Parliament and of the Council of 31 May 2024 on the mechanisms to be put in place by Member States for the prevention of the use of the financial systеm for the purposes of money laundering or terrorist financing, amending Directive(EU) 2019/1937, and amending and repealing Directive (EU) 2015/849.

VERIFICATION PROCEDURES

3. One of the international standards for preventing illegal activity is customer due diligence (“CDD”). According to CDD, Administration establishes its own verification procedures within the standards of anti-money laundering and “Know Your Customer” frameworks.

4. Service identity verification procedure requires the User to provide Administration with reliable, independent source documents, data or information (e.g., national ID, international passport, bank statement, utility bill). For such purposes Administration reserves the right to collect User’s identification information for the AML/KYC Policy purposes.

5. Administration will take steps to confirm the authenticity of documents and information provided by the Users. All legal methods for double-checking identification information will be used and Administration reserves the right to investigate certain Users who have been determined to be risky or suspicious.

6. Administration reserves the right to verify User’s identity in an on-going basis, especially when their activity seemed to be suspicious (unusual for the particular User). In addition, Administration reserves the right to request up-to-date documents from the Users, even though they have passed identity verification in the past.

7. User’s identification information will be collected, stored, shared and protected strictly in accordance with the applicable law and regulations.

ANTI-MONEY LAUNDERING POLICY

8. Service enforces a strict anti-money laundering policy with zero tolerance for money laundering activities. We define money laundering as any activity that is carried out in an attempt to misrepresent the source of funds actually acquired through illegal processes as funds that were acquired through lawful sources/activities.

9. Administration ensures complete compliance with laws pertaining to anti money laundering through its related policy.

10. All Users shall acknowledge, undertake and agree to the following terms regarding their use of Service and for all financial transactions contemplated in the Service:

• The User will comply (throughout the time being User of the Service) with all relevant statutes pertaining to money laundering and proceeds from criminal activities.
• Service operates under certain obligations known as “know-your-client” obligations which grant Administration the obligation to implement anti-money laundering procedures to help detect and prevent money laundering activities where money laundering may mean to handle any funds associated with any illegal activity regardless of the location of such activity.
• The User agrees to lend full cooperation to Administration with respect to anti-money laundering efforts. This involves providing information that Administration requests regarding the User’s business details, account usage, financial transactions etc. to help Administration perform its duties as dictated by applicable laws regardless of jurisdiction.
• Administration reserves the right to delay or stop any funds transfer if there is reason to believe that completing such a transaction may result in the violation of any applicable law or is contrary to acceptable practices.
• Administration reserves the right to suspend or terminate any account if there is reason to believe that the account is being used for activities that are deemed unlawful or fraudulent. Administration has the right to use User`s information for the investigation and/or prevention of fraudulent or otherwise illegal activities.

11. Administration has the right to share User`s information with:

• Investigative agencies or any authorized officers who are helping Administration comply with applicable law, including anti-money laundering laws and know-your-client obligations;
• Organizations that help Administration to provide the services it offer its Users, including vendors of software used to operate the Service, vendors of KYC solutions used in the Service;
• Government, law enforcement agencies, courts and any other competent authority.

12. Activities that Administration considers possible indications of money laundering inсlude:

• The user exhibits unusual concern about Service’s compliance with government reporting requirements or AML policies or is reluctant or refuses to reveal any information concerning personal finances or furnishes unusual or suspicious identification or documents.
• The information provided by the User that identifies a legitimate source of funds is false, misleading, or substantially incorrect.
• Upon request, the User refuses to identify or fails to indicate any legitimate source of funds and other assets when making payments in amounts larger than 10 000 USD (whether in one transaction or several connected transactions).
• The User (or a person publicly associated with the User) has a questionable background or is the subject of news reports indicating possible criminal, civil, or regulatory violations.
• The User exhibits a lack of concern regarding transaction costs.
• The User has difficulty describing the nature of his or her business.
• The user requests that a transaction be processed to avoid the Service’s ordinary documentation requirements. The User has inflows of funds or other assets well beyond the known income or resources of the User.

The above list is by no means an exhaustive list. Administration monitors its Users and their account activity in light of several other red flags and takes appropriate measures to prevent money laundering.

13. We do not open, maintain or accept anonymous accounts or accounts in fictitious names.

14. We do not establish business relations with, or undertake a transaction for a User that we have any reasonable grounds to suspect that the assets or funds of a customer are proceeds of drug dealing or criminal conduct. We shall lodge a suspicious transaction report and extend a copy to the relevant competent auuthority for such transactions.

15. We perform CDD:

• when we establish business relations with any User;
• when we undertake any transaction for any User whom we had not established business relations with;
• when User carries out occasional transactions or one-off transactions equal to or exceeding the designated threshold of USD $10,000 or the equivalent in any currency;
• when we have suspicion of money laundering or terrorism financing activity;
• when we have doubts about the veracity or adequacy of any information obtained from the User;
• when we suspect that there are 2 or more transactions are or may be related, linked or the result of a deliberate restructuring of an otherwise single transaction into smaller transactions in order to evade the scrutiny analysis of transaction under this Policy, we shall treat the transactions as a single transaction and aggregate their values for the purpose of complying with prevention of money laundering and terrorism financing activity principles.

RISK ASSESSMENT

16. We envisage that the majority of our Users would be retail customers. In this regard, we would:

• document and/or collect documentation in relation to:

• the identities of our Users;
• the countries or jurisdictions that our customers are from or in.

• ensure that, to the best of our knowledge, skill and ability, that our Users, connected persons of a User, natural persons appointed to act on behalf of a User, beneficial owners of a User will be assessed and screened with the assistance of list of designated individuals and entities which inсlude (but are not limited to) the categories such as:

• as described in Restricted Jurisdiction clause of this Policy
• the UN 1267/1989 Al-Qaida List
• the UN 1988 Taliban List

If identified, we shall not deal with any persons identified in the list of designated individuals and Entities.

KNOW YOUR CUSTOMER (KYC)

17. The User acknowledges that he/she/it has to complete a KYC check for the use of the Service, which must be in form and substance satisfactory to the Administration.

18. Documents Submitted by Individual Users. As is required by the laws and regulations of different jurisdictions, the information that the Administration collects on individual Users from different countries or regions may vary. In principle, an individual User is required to provide the following information and data:

• personal name.
• place of residence.
• date of birth.
• nationality.
• telephone number.
• e-mail address.
• a photo of the User taken within the six months from the date of registration in the Service or from the date of Administration`s request.
• Valid Identity Card or a valid passport of the User data.
• other information or documents requested by the Administration.

19. Documents Submitted by Corporate Users. As is required by the laws and regulations of different jurisdictions, the information that the Administration collects on corporate Users from different countries or regions may vary. In principle, a corporate User shall submit the following information and data:

• name of the legal entity.
• registered office legal entity.
• contact information.
• articles of association of the legal entity.
• description of the equity structure and ownership of the legal entity.
• the legal entity ‘s business licensecertificate of incorporation.
• the legal entity’s consent to open an account with the Service.
• details of the valid Identity Card or a valid passport of the legal representative of the legal entity.
• place of residence of the legal representative of the legal entity.
• contact information of the legal representative of the legal entity.
• letter of authorization by the legal entity.
• other information or documents to be provided upon request by the Administration.

20. After receiving the identification information, the Administration should verify this information requesting the appropriate documents. Appropriate documents for verifying the identity of User inсlude, but are not limited to, the following: a high resolution scanned copy or photo of pages of a passport or any other national ID, indicating family name and name(s), date and place of birth, passport number, issue and expiry dates, country of issue and User’s signature, selfie with passport.

21. To verify proof of address of the User the Administration requires one of the following to be provided, in the same correct name of the User: a high-resolution copy of pages of passport, indicating residence; a utility bill (fixed-line phone, water, electricity) issued within the last 3 months; A copy of a tax or rates bill from a local authority; A copy of a bank statement (for a current account, deposit account or credit card account); A copy of a bank reference letter.

22. The User is obliged to collaborate with the Administration in regard to the AML/ KYC check and to provide any information and document deemed necessary by the Administration.

23. The Administration only accepts documents prepared in English or Arabic. Users who submit documents prepared in any language other than English or Arabic shall engage a properly qualified translator to translate such documents into English or Arabic and have the translated version thereof properly notarized. Where a copy of a document is submitted, the copy shall be properly checked against the original of such document. A copy of a document may be submitted if the copy has been notarized and certified as a true and accurate copy of the original document. The certification mentioned under this clause includes, but is not limited to, certification by an embassy, judicial certification, certification by local magistrate, or certification by a notary public.

24. The Administration may reject any User in its sole discretion after the check of documents without being obliged to disclose any reason for the rejection.

25. In case the automatic procedures fail, the Administration contacts the User by email or other means to obtain the information and documents needed. In case the User does not provide the documents in the requested form and any other information requested to satisfy the AML/KYC check within 10 (ten) days which are not public holidays in place where Administration has its principal place of business, Administration may reject the User in registration in the Service or in contemplating particular transaction in relation to which AML/KYC check was initiated and the costs for the AML/KYC check will be at the cost of the User. Additionally, the Administration is entitled to partially or fully withhold the received amounts for any costs or damages incurred by the Administration. All kind of remittance fees either for fiat currency or for cryptocurrencies shall be borne by the User.

26. Throughout the business relationship with each User, the Administration will adopt continuous User identity verification measures so as to keep following the User’s transaction status, and if the Administration finds that the User’s identity information or information has expired and the User fails to updаte such information or data within a reasonable period of time without providing any justifiable reason, the Administration will take measures to suspend the Service for the User.

27. Under any of the following circumstances, the Administration has the right to re-identify a User’s identity (in addition to events specified in clause 14 above):

• where the User requests to change his/her name or designation, the type of his/her identity certificate(s) or identification documents(s), ID Card number, registered capital, business scope or legal representative.
• where there is any abnormality in the User’s conduct or trading.
• where the User’s name is the same as that of any criminal suspect, money launderer or terrorist financier.
• other circumstances under which the Administration deems it necessary to re-identify the User’s identity.

28. The Administration may attract any third-parties in order to conduct proper AML/KYC measures in the Service. List of such third-parties will be available in the Service. Please check their applicable data protection policies in order to understand how they will process your data for the purpose of your identification/verification.

STORAGE OF INDENTITY INFORMATION

29. The Administration ensures proper storage of Users’ identity information and transaction records and properly keeps documents and data such as User identity information and transaction records so as to facilitate money laundering investigation and supervision and regulation, and prevent the loss, damage and disclosure of such information.

30. User identity information and transaction data saved by the Administration includes the User identity information as provided, various data and records reflecting the User’s identity identification carried out by the Administration, as well as the data and information of each transaction and other data reflecting the actual circumstances of the transactions.

31. The Administration keeps User identity information and transaction records for specific terms depending on the following circumstances:

• User’s identity information shall be kept for at least five years, starting from the date when the business relationship between the User and the Administration are terminated.
• transaction records shall be kept for at least five years, starting from the date when the transaction is made.
• if the User’s identity information and transaction records involve any suspicious activity that is being investigated for money laundering, and the investigation into money laundering is not completed at the expiration of the minimum storage term as is specified in the preceding paragraph, the Administration will keep them until the end of the money laundering investigation.

32. If a judicial body, law enforcement body or other competent authority of any country or region submits a request to the Administration for assistance in connection with any investigation, the Administration is obliged to cooperate with such investigation and provide relevant information and materials as is requested by such body or authority, as the case may be.

LEVELS OF VERIFICATION

33. The Administration provides the User with 3 levels of verification depending on types of information and documents disclosed to the Administration: