The AML/KYC policy of the CryptoTonna.com service is a comprehensive security system consisting of a variety of approaches and activities for user identification, which allows the fight against economic and other offenses.

AML is a set of measures aimed at combating money laundering. This policy involves verifying the identity of users. Customer identification is aimed at identifying persons who have been involved in illegal activities, are under sanctions or blacklisted by international financial organizations.

This policy is complemented by the KYC system, which focuses on checking the personal data of users, allows you to implement algorithms for studying personal information about customers in order to ensure a high level of security for all users of the cryptocurrency exchange resource.

Thus, the AML / KYC policy allows you to effectively combat money laundering, sponsoring of terrorism, fraud and other illegal economic activities through thorough verification and identification of the identity of resource users. The AML/KYC policy is fully consistent with international practices and foreign experience in ensuring the security of financial transactions.

Terminology

For the full functioning of the AML / KYC system, the service uses certain terms and special abbreviations:

• The company is an online platform that provides services for the exchange of electronic and digital currencies.
• User - a private or legal person registering on the service and gaining access to financial services and electronic resources of the resource.
• Money laundering is an illegal procedure that consists in hiding the amounts and sources of funds received, concealing the purpose of currency transfers, providing incorrect information about the recipient and other signs of fraudulent financial activity that is detrimental to the state and third parties.
• Financing of terrorism - investing in organizations that are engaged in suspicious and illegal activities that fall under the provisions of the Criminal Code.
• International sanctions are a series of restrictions imposed by the EU, the US and other international influential organizations that apply to persons caught in illegal financial activities.
• People with political influence (PEP), their relatives, cohabitants and business partners are persons who have significant influence on the political situation and occupy prominent positions in government structures, as well as relatives of these persons, cohabitants, partners, close persons.
• The AML Law is an additional list of measures that are carried out in case of suspicion of maintaining illegal declarations of income and sources, as well as funds received by a private or legal person.

AML/KYC policy rules and regulations

The AML/KYC policy requires a certain set of rules and algorithms to be implemented by the company"s employees in order to work effectively. These rules should take into account international experience, the specifics of sanctions, blacklists and the internal regulations of the company.

Algorithms for implementing the AML / KYC strategy on the CryptoTonna service are the basis of the internal security of the cryptocurrency exchange service. Working algorithms allow you to effectively respond to suspicious situations related to money laundering or other non-standard situations.

In carrying out their activities, the company"s specialists are guided by current legislative norms and international rules when checking the identity and activities of users, identifying and preventing illegal and suspicious activities.

Security specialists undergo additional briefings related to updating the legal framework.

User identification and work with personal data

The basis for implementing the AML / KYC policy is user verification, personal identification and monitoring of customer activities and transactions. To perform these tasks, the main tool remains personal identification at the time of user registration, as well as the implementation of scheduled and unscheduled checks.

Thus, when working with clients, specialists equally adhere to internal standards for implementing the AML / KYC policy. Also, the service does not cooperate with representatives of third parties for security purposes. All transactions are performed by users on their own behalf.

To identify the user"s identity, the resource administration requests the following documents:

• internal civil passport;
• international passport;
• driver"s license;
• bank card (with a photo of the owner).

To confirm the data, a copy of the document in good quality is submitted. All inscriptions, dates, serial numbers, photographs must be clearly visible on the copy. It is not allowed to use documents with traces of corrections and retouching. In the event that the user submits deliberately false and untruthful data, seeks to impersonate another person, the administration has the right to transfer suspicious information to law enforcement officers.

The resource administration stores the received data, does not disclose or publish information in the public domain, does not transfer copies of documents to third parties, and ensures the safety and privacy of users" personal data.

These documents are necessary to obtain and confirm the user"s personal information, such as:

• surname, name and patronymic;
• Date of Birth;
• place of registration and address;
• contact details (mobile phone number and email address);
• tax number;
• information about the involvement of the person, relatives and partners of the person in the PEP.

Foreign citizens additionally submit documents confirming registration and legality of stay in the country in which the resource is registered, for full access to all functions and financial transactions.

Documents confirming the identity of the user are also considered those that contain information about the place of residence. These include utility bills and bank statements. The validity of this type of document is three months from the date of issue.

Legal entities may submit the following documents for identification verification:

• extract from the commercial register with an apostille;
• name of the organization, serial registration number with date;
• address (legal and actual);
• information about the representative;
• Contact Information.

Clients who have passed the identification procedure during registration allow the resource to maintain and ensure stable operation and access to all functions, safe use of the service for all users.

Working with risks: forecasting, analysis, neutralization of negative consequences

Working with risks, forecasting and analyzing threats, allows you to prevent the facts of money laundering and investments in terrorist organizations, as well as quickly eliminate the negative consequences of such activities.

Risk analysis includes the study of such aspects:

• geographic features (effect of sanctions of the EU, UN and other organizations; work with states that do not take measures to combat money laundering; the presence of a high level of corruption in the country);
• user risks (work with PEP clients, their relatives, partners, close associates; clients blacklisted and seen in financial violations, money laundering);
• financial transactions (transactions by a third party; lack of commercial justification for the transaction; lack of access to the participants in the transaction; a large number of accounts from which funds are received; non-standard transactions; a noticeable gap in the amount of transactions made).

In the event that the company"s specialists detect these aspects when monitoring the activities of clients, such a fact becomes a risk of unreliability of the user and a reason for additional checks, up to a temporary freezing of transactions and an account.

The resource administration reserves the right to refuse the user to provide services in the following cases:

• the user"s activity is associated with a state that is related to high financial risks;
• the client is on the black lists of international organizations, is the object of sanctions;
• the client is suspected or has been previously convicted of money laundering or sponsoring terrorist activities.

In the event that the client is suspected of illegal financial activities, the administration initiates additional verifications of the identity and transactions.

Digital risks: identification, prevention, work with consequences

The IT sector, the active development of electronic technologies and the opportunities associated with this industry are becoming a source of risks for the economic sphere, including services for the exchange of cryptocurrencies and financial transactions.

Digital risks include:

• storage and transfer of personal information of users;
• providing knowingly false information;
• distribution of malware;
• theft of important digital information;
• hacker attacks;
• the stability of the electronic systems responsible for storing and transmitting data.

In order to reduce the occurrence of digital risks, the company"s specialists use internal servers, as well as licensed software and operating systems, to store and process data. Also, the organization uses equipment that excludes the use of external media, such as disks and other drives, with which attackers can copy or download data.

The electronic and digital systems of the company undergo timely testing and updating, maintenance, which allows maintaining a high level of security and data integrity. In addition, the servers are backed up. The technical staff is properly trained.

Legal checks

Part of ensuring the security of the service are legal checks. Legal checks are aimed at analyzing the identity and activities of users whose financial transactions are suspicious, are of a non-standard nature. They are aimed at working with copies of documents received from clients, analyzing data and personal information.

The main feature of the AML / KYC system is the implementation of digital, legal and other checks before the start of cooperation between the client and the cryptocurrency exchange resource. In the event that the client fails to confirm his identity or submits deliberately false information, the administration has the right to refuse access to services. In the event that illegal activity is detected, information about the user and the transactions made is transferred to law enforcement officers.

CryptoTonna cryptocurrency exchange portal , the user accepts the requirements of the AML / KYC policy, which ensures the stable operation of the service and a high level of security for all users. The client provides true and complete personal information for identification, which allows excluding from the number of clients persons previously involved in illegal financial activities. This approach allows the employees of the organization to effectively combat money laundering, sponsoring terrorist activities.