POLICIES AND MEASURES FOR THE PREVENTION OF MONEY LAUNDERING AND THE FINANCING OF TERRORISM

(hereinafter: Policy)

Digital Assets d.o.o. (hereinafter: Company) advocates the highest level of prevention of money laundering and the financing of terrorism (hereinafter: AML/CFT). The Company follows the laws of the Republic of Croatia and the EU and actively prevent all activities that are aimed at or facilitate the process of legalization of illegal funds.

This Policy prescribes the measures, actions, and procedures that the Company undertakes in regular operations in order to prevent ML and FT.

The Company reserves the right to suspend the service to the Customer if there is a suspicion that the funds have been obtained illegally.

BASIC TERMS

Customer identification is a procedure that involves establishing the actual identity of the Customer based on credible sources, primarily personal documents.

Financing of terrorism (hereinafter: FT) is the enabling or raising of funds with the intent to be used to commit a terrorist offence (such as training for terrorism, endangering the safety of persons under international protection, disrupting the security of international air traffic, etc.).

Money laundering (hereinafter: ML) is the process of converting funds from illegal activities (such as fraud, corruption, drug trafficking, tax evasion, terrorism, etc.) into other funds or investments that appear legitimate for the purposes of concealing the real source of funds.

Suspicious transaction is any attempted or executed transaction for which we estimate that there are grounds for suspicion of ML or FT, i.e., that the transaction includes funds from illegal activities.

Terrorism may be financed from the proceeds of legal activities, which further complicates detection, unlike ML, which is always preceded by an illegal action.

Transaction is any receipt, expenditure, transfer from one account to another, exchange, safekeeping, disposal, and other type of money handling within the Bitcoin Store platform.

INTERNAL MEASURES FOR THE PREVENTION OF ML AND FT

The Company implements the AML/CFT procedure with the following measures:

  • KYC (Know Your Customer) process
  • Risk assessment
  • Monitoring of Customer activities
  • Record keeping
  • Employee training

The Company implements all activities and processes related to the Directive (EU) 2015/849 when concluding a business relationship and during each Customer activity.

CUSTOMER IDENTIFICATION

Know Your Customer (KYC) is a process that involves taking measures through which the Company establishes the identity of the Customer.

Customer Due Diligence measures

Customer due diligence measures comprise of:

  • Identifying and verifying the Customer's/beneficial owner's identity on the basis of documents, data, or information
  • Obtaining information on the purpose of the business relationship, the source of funds, and other information required by the Directive (EU) 2015/849
  • Conducting ongoing monitoring of the business relationship

The Company applies enhanced Customer due diligence measures to manage and mitigate ML or FT risks:

  • When the natural person/beneficial owner is a politically exposed person
  • When assessing that the Customer presents a high risk of ML or FT
  • When suspecting on ML or FT
  • When transactions do not have an apparent economic or lawful purpose

Natural person

When carrying out a transaction in a Branch, the Company identifies the Customer's identity on the basis of an identification document. The Company accepts the following identification documents: Identity Card, Passport, Residence Permit and Drivers License.

In that case, the Company collects the following Customer's information: name and surname, residence address, date, month and year of birth, personal identification number, name and number of the identification document, name, and country of the issuer of identification document and the nationality/nationalities.

When establishing a business relationship, i.e., when opening a Bitcoin Store account, the Company conducts the verification process. The Customer verification process refers to the collection of Customer information exactly as in the previous paragraph and verification of the submitted information. In this case, the Company uses the services of a third party, to attempt to establish the veracity of the information and identification document provided.

The Company uses e-identification for completing the verification process. In that case, the Customer is redirected to take a selfie of himself/herself from a mobile device or personal computer, in order to prove actual presence.

Legal person

When carrying out a transaction in a Branch, the Company identifies the Customer who is a legal person on the basis of identification document of the authorised representative.

The Company collects the same identification documents and information as for the identification of the natural person. For a legal person, the Company collects the following information: legal entity name, legal form, registered address (street and number, city and country), and legal entity identification number.

When establishing a business relationship, i.e., when opening a business Bitcoin Store account, the Company conducts the following steps:

  • An authorized representative has to pass the verification process, under the same conditions as a natural person
  • An authorized representative has to provide official documentation for a legal person

Depending on the legal form, the Company collects:

For a Corporation , Limited Liability Company (LLC):

  • Official Excerpt from the relevant court register (not older than 3 months)
  • Official Excerpt from the relevant Register of Beneficial Owners (not older than 3 months)
  • Copy of the personal identification document for the beneficial owner (identity card, driving license or passport)
  • Power of Attorney, if a representative of the Customer is not the Key Director of the Customer (not older than 3 months)

Note: if the legal entity has more than one beneficial owner who owns 25% or more shares in a legal entity (or 10% and more in the case of the high-risk Customer) it is necessary to submit their identification documents.

Association:

  • Decision on the registration of the association in the Register
  • Official excerpt from the Register of associations
  • Official excerpt from the Register of beneficial owners

Craft business:

  • Decision on Entry in the Register of Craft Business
  • Official excerpt from the Trade register
  • Trade license
  • Joint venture agreement. In this case, all partners are required to submit copies of their personal identification documents

Note: Documentation must be not older than 3 months.

All official documentation of a legal entity with its registered office outside the Republic of Croatia must submit a certified translation into English or Croatian language.

The Company has a right to request additional documentation, anytime, that may be required in a case of approving or during the business relationship with the legal entity.

Personal data of natural and legal persons are kept in accordance with the General Data Protection Regulation (GDPR). You can find more on the collection, processing, and use of personal data in the Privacy Policy document.

RISK ASSESSMENT

The Company regularly performs enterprise-wide risk assessments aiming to identify changes within the customers’, products’, geographic, and distribution channels’ base and verify whether existing control measures are sufficient to make the residual risk low.

The Company performs an individual risk assessment of each Customer before entering into a business relationship with the Customer or in case the Company becomes aware of certain circumstances indicating the possible change in the Customer’s risk group.

Each Customer of the Company is always assigned to the relevant risk group: low, medium, or high.

MONITORING OF CUSTOMER ACTIVITIES

The Company carries out ongoing monitoring of the Business Relationship. This includes transaction monitoring and keeping the underlying Customer’s information up to date. The Company ensures and applies both the instant and retrospective monitoring procedures.

A monitoring might be carried out by using the services of third parties. In that case, the Company ensures that third parties follow the requirements specified in the agreement with the Company and by the Law.

RECORD KEEPING

The Company ensures that the documents and information related to the operations, transactions, business relationships, training material, and others are kept in accordance with the applicable legal regulations of the Republic of Croatia and the EU.

EMPLOYEE TRAINING

The Company conducts a training program at least annually. Employees’ training program ensures that all Company’s employees who face ML / TF prevention measures in dealing with their functions are properly educated.

FINAL PROVISIONS

The Company reserves the right to change the Policies and measures for the prevention of ML and FT at any time in order to maintain the highest level of compliance with the AML/CFT Act.

This abbreviated version of the AML/CFT Policy shall enter into force on 28th June 2022 and replace any other AML/CFT policy that has been applied prior to that date.