1. Introduction
- This Anti-Money Laundering (AML) / Counter Terrorism Financing (CTF) and Know Your Customer (KYC) Policies and Procedures Manual (“AML Manual”) is for HFT AG with registered address at 79 Baarerstrasse, 1204 Geneva.
- HFT AG plans to operate under the regulatory supervision of d’Organisme de Surveillance pour Intermédiaires Financiers & Trustees (“SOFIT”) (SOFIT), holding membership number 1268, a supervisory body officially recognised and authorised by the Swiss Financial Market Supervisory Authority (FINMA).
- The procedures set forth herein are intended to assist HFT AG in complying with its obligations at law by taking all reasonable steps and exercising all due diligence to avoid the commission of an offence of money laundering or funding of terrorism.
- HFT AG compliance personnel and others using these procedures should also refer, where relevant, to the Act, the Regulations, the provisions of the Sub-Title, Of Acts of Terrorism, Funding of Terrorism and Ancillary Offences of Title IV A of Part II of Book First of the Criminal Code and any relevant measures/ guidelines which may be issued from time to time by the Swiss Financial Market Supervisory Authority (“FINMA”) and/or any relevant authority or agency.
- When carrying out activities which constitute “relevant activity” HFT AG is required to comply with the requirements of the Prevention of Money Laundering Act, 1994 (Chapter 373 of the laws of Switzerland) (the “Act”) and the Regulations which require HFT AG to adhere to the provisions contained in the Act, the Regulations and the Swiss Financial Market Supervisory Authority (the “FINMA”) Implementing Procedures.
Customer Due Diligence
In terms of its obligations at law, HFT AG is obliged to determine the applicant for business, the Customer or any beneficial owner, and to verify that such person is the person he purports to be, as well as to determine whether such person is acting on behalf of someone else, and to establish the purpose and intended nature of the business relationship and to monitor this relationship on an ongoing basis. In order to successfully adhere to its obligations, HFT AG has developed Customer due diligence (“Due Diligence”) measures which must be implemented by HFT AG and adhered to by its management and staff.
The Due Diligence measures assist HFT AG in determining whether a particular Customer falls within their risk appetite, as well as helps the Company clearly understand the business activities of the Customer in such a way that any transactions which fall outside the business profile of the company may be investigated to determine whether any money laundering or funding of terrorism may be involved. This enables the Company to inform SOFIT and/or FINMA in a timely manner with adequate information on its Customer and their activities when such a request is made.
In Summary, HFT AG has adopted its Due Diligence policies in order to successfully carry out the following:
- identification and verification of the applicant for business
- identification and verification of the beneficial owner, where applicable
- identification and verification when the applicant for business does not act as principal
- obtaining information on the purpose and intended nature of the business relationship
- conducting ongoing monitoring of the business relationship
- establishing the source of wealth and source of funds
- setting up of a Customer acceptance policy and ensuring that the applicant for business
meets the requirements set out in such policy
HFT AG is strictly prohibited from keeping anonymous accounts or accounts in fictitious names.
Understanding Money Laundering
Money laundering is generally defined as engaging in acts designed to conceal or disguise the true origins of criminally derived proceeds so that the proceeds appear to have derived from legitimate origins or constitute legitimate assets. This is done by disguising the sources, changing the form or moving the funds to a place where they are less likely to attract attention. Generally, money laundering occurs in three stages. Cash first enters the financial system at the ‘placement’ stage, where the cash generated from criminal activities is converted into monetary instruments, such as money orders or traveller’s checks or deposited into accounts at financial institutions. At the ‘layering’ stage, the funds are transferred or moved into other accounts or other financial institutions to further separate the money from its criminal origin. At the ‘integration’ stage, the funds are reintroduced into the economy and used to purchase legitimate assets or to fund other criminal activities or legitimate businesses.
Although cash is rarely deposited into securities accounts, the financial industry is unique in that it can be used to launder funds obtained elsewhere, and to generate illicit funds within the industry itself through fraudulent activities. Examples of types of fraudulent activities include insider trading, market manipulation, Ponzi schemes, cybercrime, and other investment-related fraudulent activity.
The Act provides an exhaustive list of acts which constitute money laundering under Swiss law, as follows:
- the conversion or transfer of property knowing or suspecting that such property is derived directly or indirectly from, or the proceeds of, criminal activity or from an act or acts of participation in criminal activity, for the purpose of or purposes of concealing or disguising the origin of the property or of assisting any person or persons involved or concerned in criminal activity;
- the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect of, in or over, or ownership of property, knowing or suspecting that such property is derived directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
- the acquisition, possession or use of property knowing or suspecting that the same was derived or originated directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
- retention without reasonable excuse of property knowing or suspecting that the same was derived or originated directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
- attempting any of the matters or activities defined in the above foregoing sub-paragraphs (i), (ii), (iii) and (iv) within the meaning of article 41 of the Criminal Code;
- acting as an accomplice within the meaning of article 42 of the Criminal Code in respect of any of the matters or activities defined in the above foregoing sub- paragraphs (i), (ii), (iii), (iv) and (v).
Understanding the Funding of Terrorism
Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal
either the origin of the funds or their intended use, which could be for criminal purposes. Legitimate sources of funds are a key difference between terrorist financiers and traditional criminal organisations. In addition to charitable donations, legitimate sources include foreign government sponsors, business ownership and personal employment. Although the motivation differs between traditional money launderers and terrorist financiers, the actual methods used to fund terrorist operations can be the same as or similar to methods used by other criminals to launder funds. Funding for terrorist attacks does not always require large sums of money and the associated transactions may not be complex.
Cryptocurrencies
Cryptocurrencies are any form of virtual asset stored on an electronic medium that allows a community of Customers who accept them as means of payment to execute transactions in such assets without using a legal currency (Fiat currency).
The threat posed by cryptocurrencies results from the inherent anonymity of such transactions, particularly concerning the beneficial owner of the assets, and from the fact that many cryptocurrency transactions are carried out directly without a financial intermediary and they are thus beyond any particular regulatory agency’s control. The threat is reflected both in the criminal exploitation of the design of cryptocurrencies and in investor fraud. However, the use of cryptocurrencies poses a threat also in other crime patterns: terrorist financing, laundering of funds from the sale of illegal services and products or drug trafficking, especially by criminal organizations. Cryptocurrencies are particularly well suited for money laundering because of their anonymity.
Just like other countries, Switzerland is vulnerable to this danger because it is complicated for both financial intermediaries and prosecution authorities to establish the identity of the beneficial owner of certain assets. In most cases, the technology underlying cryptocurrencies makes it difficult for owner identity to be established. However, when cryptocurrencies are bought or sold for fiat money, the identity of the beneficial owner(s) of the assets involved can be established.
Our Commitment
HFT AG supports Switzerland’s commitment within the Financial Action Task Force (FATF) to achieve greater harmonization of national regulations to combat money laundering and terrorist financing and is committed to the highest standards of Anti-Money Laundering (AML) compliance. As such, HFT AG has put in place AML Manual to prevent and mitigate possible risks of HFT AG being involved in any kind of illegal activity.
2. Revision
The Policies are revised and updated on a regular basis to ensure appropriate procedures and internal controls are in place to account for both changes in regulations and changes in our business. This AML Manual was last updated on 20th September 2021.
3. Scope
HFT AG recognizes and identifies money laundering and the funding of terrorism as threats to HFT AG , Switzerland’s reputation, and the financial services sector on a global scale.
HFT AG is determined and committed to prevent the carrying out of operations that may be related to money laundering or the funding of terrorism by establishing procedures on internal control, risk assessment, risk management and compliance. HFT AG shall comply with its obligations at law by taking
all reasonable steps and exercising all due diligence to avoid the commission of an offense of money
laundering or funding of terrorism through the abuse its systems and/or services.
These Policies guide the behavior of HFT AG . All senior management, employees and other associated persons who work with the platform and/or Customers and/or Customer information of HFT AG are required to acknowledge that they have read and are familiar with these Policies (see Schedule A). It is expected that the controlled, affiliated and participating companies, define their directions from these guidelines, considering the special needs and the legal aspects to which they are subjected.
4. The Framework of This AML Manual
This AML Manual and its policies lay down a framework to:
- prevent HFT AG from being used by criminal elements for money laundering or financing terrorist activities (intentionally or unintentionally);
- enable HFT AG to know and understand its Customers and, at certain thresholds, we require an
additional financial background information and source of funds form completed (See “Special Compliance Procedures” in the Business relationship with higher risk section).
- put in place appropriate controls for detection and reporting (SARs) of suspicious activities in
accordance with applicable laws, procedures and regulatory guidelines; and
- equip employees and contractors of HFT AG with the necessary training and measures to deal with matters concerning AML/CTF and KYC procedures and reporting
- To securely achieve requirements HFT AG documented a detailed Internal Control Framework defining the required procedural steps and control Permanent adherence to this Framework is paramount to secure and compliant operations of HFT AG . The Framework itself is therefore an integral part of this guideline and all-time performance as well as accurate documentation of required controls are subject to external audit.
5. Guidelines:
HFT AG adheres to the following principles in order to prevent money laundering and terrorist financing:
- act in good faith;
- fulfill the applicable provisions for the business activity, in particular the Anti-Money Laundering Act and the relevant norms of the Swiss Criminal Code, especially Art. 305, 305, 260 and 260 of the Swiss Criminal Code;
- inform the Customers about the legal provisions, in particular of the AMLA and its effect on the business relationship;
- adopt procedures in the development of the HFT AG platform, to inhibit its use for illegal practices linked to money laundering, terrorism financing and corruption;
- do not accept the movement of resources through anonymous checking accounts or linked to fictitious holders;
- use specific parameters for the monitoring of financial transactions that might set up evidence of corruption;
- reject acts of corruption, money laundering, financing of terrorism or any other illegal
6. Our Duties and Responsibilities:
- We do not accept, hold or assist in the investment or transfer of assets which we know or logically assume, are derived from a crime or a qualified tax offense, or stem from criminal organizations, or are intended to finance
- We commit to anti-money laundering according to 305bis SCC, if we take actions which are
designed to obstruct the investigation of the origin of the source, the discovery or confiscation of assets which we know, or logically assume, are derived from a crime or a qualified tax offense.
- We must not maintain business relationships with companies or persons whom we know, or logically assume, finance terrorism or support such a criminal organization in any
- We are liable to prosecution according to Art. 305-ter SCC if, while acting in a professional capacity, we accept, hold, invest or assist in transferring third-party assets and fail to establish the identity of the beneficial owner with the care required in the
- We are liable to prosecution according to Art. 260-quinquies para. 1 SCC, if we intentionally collect, or make available, assets with the intent to finance a violent crime through which the population, a state or an international organization is compelled to act or refrain from
- We adopt procedures of due diligence for mitigating the risks of money laundering, terrorism financing and corruption, according to the activity, jurisdiction and the agents
- We adopt restrictive character measures as for the achievement of business and the maintenance of negotiating relationships with Customers, suppliers and partners when the circumstances reveal evidence of engagement in acts linked to money laundering, terrorism financing or corruption, observed the current legislation.
- We consider, in maintaining a business relationship with partners and suppliers, the existence, within the context of those third parties, of mechanisms to prevent corruption.
Our main duties:
- Verification of the identity of the Customer and the representative of the legal entities;
- Establishing the identity of the beneficial owner;
- Repetition of the verification of the identity of the Customer;
- Establishment of the identity of the beneficial owner in the case of corporate accounts;
- Identification of the nature and purpose of the business
7. Training
New employees receive AML training as part of the mandatory new-hire training program. All applicable employees are also required to complete AML and KYC training annually. We review regularly whether certain employees require specialized additional training. In addition to the below, all employees and other associates shall be required to read and sign-off that they have read and understand this AML Manual in its entirety (see Schedule A, attached hereto).
Training should include, at a minimum:
- how to identify red flags and signs of money laundering that arise during the course of the employees’ duties;
- what to do once the risk is identified;
- what employees’ roles are in our compliance efforts and how to perform them;
- the disciplinary consequences (including civil and criminal penalties) for non-compliance;
Þ All AML Officers are required to take SOFIT’s AML course.
Þ All employees and associates who have access to Customer information will be required to complete a CPD certified training course promptly after hired and yearly.
Þ Participation in additional targeted training programs is required for all employees with day-to- day AML and KYC responsibilities. For example
- Customer due diligence measures;
- record-keeping procedures;
- internal reporting procedures;
- the recognition and handling of suspicious transactions; and
- procedures on risk assessment and risk
8. Third-party service providers
HFT AG currently intends to cooperate with the third-party service providers mentioned throughout this AML Manual. The expansion of the service providers or an exchange is not excluded, subject to the condition that the new third party has the proper corresponding approval or license.
9. Internal controls
We implement and maintain internal control for the purpose of ensuring that all of our operations comply with AML legal requirements and that all required reports are made on a timely basis.
10. Suspicious Activity Reports (SARs)
The AML Officer will also ensure that the firm keeps and maintains all of the required AML records and will ensure that Suspicious Activity Reports (SARs) are filed with the Financial Crimes Enforcement Network (FinCEN) when appropriate.
The anti-money laundering system currently used in Switzerland draws a distinction between suspicious activity reports (SARs) on the basis of intensity of suspicion of money laundering. These suspicions fall into one of two categories: (1) cases where there are reasonable grounds for suspicion, or (2) cases where there is merely suspicion. Each of these two categories is dealt with by two separate pieces of legislation (Article 9 Anti-Money Laundering Act AMLA or Article 305ter paragraph 2 Swiss Criminal Code SCC), which in turn have different consequences for the financial intermediaries and the authorities.
When confronted with a business relationship where elements justify the submission of a SAR to MROS, the financial intermediary must first determine whether the case falls within the scope of application of Article 9 AMLA (https://www.admin.ch/opc/en/classified-compilation/19970427/index.html#a9) or Article 305ter paragraph 2 SCC. However, the financial intermediary is not free to choose between the application of these two provisions: in the first case he has a duty to report, whereas in the second case he has a right to report.
The most recent SAR reporting form and accompanying Factsheet can be found here:
https://www.fedpol.admin.ch/fedpol/en/home/kriminalitaet/geldwaescherei/meldung/ meldeformular.html
AML Officer
HFT AG has designated Jonathan Curci as its AML/CTF Policies and Procedures Program Compliance Person (AML Officer), with full responsibility for our AML program. Jonathan Curci has a working knowledge of the Anti-Money Laundering Act and the relevant norms of the Swiss Criminal Code, especially Art. 305-bis, 305-ter, 260-ter and 260-quinquies Swiss Criminal Code and is qualified by experience, knowledge and training. HFT AG shall ensure that the AML Officer has sufficient resources available, including appropriate staff and technology, to be able to
monitor the day-to-day operations of HFT AG to ensure compliance with its AML Manual policies and
procedures. The AML Officer has a direct reporting line to the Board of Directors. The AML Officer has the authority to act independently in carrying out his duties and has full and unlimited access to the Company’s records, data documentation and information for the purposes of successfully fulfilling his responsibilities. The duties of the AML Officer will include monitoring the firm’s compliance with AML/KYC obligations and overseeing communication and training for employees. The AML Officer will also ensure that the firm keeps and maintains all of the required AML records and will ensure that Suspicious Activity Reports (SARs) are filed with the Financial Crimes Enforcement Network (FinCEN) when appropriate. The AML Officer is vested with full responsibility and authority to enforce our AML Manual and its policies and procedures.
- The AML Officer supervises all aspects of our anti-money laundering and counter-terrorist financing, including but not limited to:
- Collecting Customer ID information;
- Establishing and updating internal policies and procedures for the completion, review, submission and retention of all reports and records required under the applicable laws and regulations;
- Monitoring transactions and investigating any significant deviations from normal activity;
- Implementing a records management system for appropriate storage and retrieval of documents, files,
- Providing law enforcement with information as required under the applicable laws and regulations;
- filing suspicious Activity Reports (SARs) with the Financial Crimes Enforcement Network (FinCEN) when
- interacting with law enforcement involved in the prevention of money laundering, terrorist financing and other illegal
Know Your Customer Process (KYC Process)
Here we will describe the information flow and processes needs to be accepted as a Customer in HFT AG . HFT AG shall verify the complete ownership structure of the Customer up to the Ultimate Beneficial Owner.
HFT AG will use a fully integrated artificial intelligence identity verification system (“to be designated”), which is compliant to the circular 2016/7 “Video and Online Identification” issued and enacted on March 16, 2016 by Swiss Financial Market Authority FINMA. HFT AG only uses its own digital system to identify Customers.
Step 1. Collect documents and analyse them
In the beginning of the Customer registration process on the HFT AG platform, we ask the potential Customer to provide us with the documents listed in the below:
Individuals
For each individual person (if a company, then for each individual person in the ownership structure (shareholder, Board of Director’s Member, the authorised representative, and the Ultimate Beneficial Owner):
Passport / ID copy
The Customer provides a high-resolution, non-expired copy of the Customer’s government-issued ID (passport, national identity card, or a driver’s license) via the HFT AG platform using Electronic identification system.
The submitted imaged requirements include:
- Full-colour image;
- Information must be completely clear and readable; and
- The edges of the ID document must be clearly visible on a contrasting background.
We check each individual’s identity via the HFT AG platform using Electronic identification system.
Proof of residential address
HFT AG is connected with the Global Address System, whereby we can verify the Customer’s address for certain countries that participate in the system. For Customers from countries that do not participate, the Customer must provide us with a copy of an acceptable document for proof of address, such as:
- bank statement; debit or credit card statement; utility bill (water, electricity, gas, NOT mobile telephone bill); payroll statement or official salary document from employer; insurance statement; tax document; or residence
Such documents must contain the Customer’s name, address, and be dated less than 3 months prior.
KYC information collected for larger Customers
The Customer provides KYC information including but not limited to nationality, passport number, date of issue, country of issuance, expiration date, telephone number, email address, PEP status, residence address, date of birth and source of wealth (in certain circumstances as described herein).
Companies
For each legal entity in the ownership structure of the Customer:
Copy of the extract from the commercial register or equivalent proving:
- Name of the company;
- Date of incorporation;
- Registered address and the registered number;
- Directors and shareholders of the company (in case the shareholders are not disclosed online, then a share register duly certified is required).
Copy of Articles (Memorandum) of Association
The Customer provides us with a copy of a valid and signed by all shareholders Articles (Memorandum) of Association.
We check the information and signatures on the Articles (Memorandum) of Association
Copy of certificate of Incorporation
We check the information on the certificate
Copy of up-to-date list of Directors and Shareholders
We ensure the person opening the account is authorised to do so. If person opening the account is not a director, we require a valid power of attorney.
List of Authorised Signatories
We ensure the person opening the account is authorised to do so.
Copies of the passports of all the authorised directors
We verify the individual’s identity using Electronic identification system. Copies of passports of all (UBOs) who owns 10% or more of the company We verify the individual’s identity using Electronic identification system.
KYC information collected
The Customer provides KYC information including but not limited to nationality, passport number, date of issue, country of issuance, expiration date, telephone number, email address, PEP status, residence address, date of birth and source of wealth (in certain circumstances as described herein).
Verification Procedures
HFT AG has established systematic procedures for identifying an applicant for business and ensuring that such identity is verified on the basis of documents, data or information obtained from a reliable and independent source. HFT AG is required to identify the beneficial owner, where applicable, taking reasonable measures to verify the identity such that HFT AG is satisfied of knowing who the beneficial owner is and, in the case of a body corporate, trust or similar legal arrangement, reasonable measures are to be taken to understand its ownership and control structure. Enhanced due diligence procedures shall be applied to those Customers which pose a higher risk. This AML Manual includes strict ongoing monitoring procedures relating to identification requirements as well as the review of all existing relationships as follow
- The Customer must provide HFT AG with reliable, independent source documents, data or information (e.g., national ID, international passport, bank statement, utility bill);
- We reserve the right to collect Customer’s identification information for the AML-CTF-KYC purposes;
- We take steps to confirm the authenticity of documents and information provided by the Customers using the Electronic identification system Standard ID document analysis (see “Standard ID document analysis”, in Section 1, herein).
- We are able to use all legal methods for double-checking identification information and have the right to investigate certain Customers who have been determined to be risky or
- We have the right to verify Customer’s identity in an on-going basis, especially when their identification information has been changed or their activity seemed to be suspicious (unusual for the particular Customer).
- We can request up-to-date documents from the Customers, even though they have passed identity verification in the past.
- Customer’s identification information will be collected, stored, shared and protected strictly in accordance with our Privacy Policy and regulations.
We may use the following non-documentary methods of verifying identity:
- Independently verifying the Customer’s identity through the comparison of information provided by the Customer with information obtained from any public database or other source;
- Checking references with financial institutions;
- Analysing whether there is logical consistency between the identifying information provided, such as the Customers’ name, street address, postal code, and date of birth;
- Obtaining a notarised or certified true copy of an individual’s passport or government-issued ID for valid
HFT AG identity verification system
HFT AG uses Electronic identification system (Identifikaciniai Projektai), a sophisticated fully integrated artificial intelligence identity verification system (“Electronic identification system”), which carefully collects and analyses the documents before approving the Customer’s account:
Customer’s information collection:
Standard Customer’s information collection is performed automatically. Automated information collection includes:
Email and Phone verification tools.
Online questionnaire form and document online submission form, for Customer details such as: full name, date of birth, nationality, residential address.
ID document and selfie video submission tool using either Customers webcam or uploading files as attachments.
Continuous audio and video recording of Customers answers to AML KYC questions.
Picture taking of Customer’s ID documents and Customers face.
Standard ID document analysis:
HFT AG conducts the following automated processes on passport documents submitted by Customers of HFT AG:
The ID document number is reviewed against the database of the country of issue to check if the submitted document number is valid, and was not reported as lost or expired;
The HFT AG system scans and analysis the ID document’s AMZ code, checking if it matches the MRZ code standard encryption algorithms and that it is valid. It also extracts and decrypts the AMZ code. The decrypted information is then compared to the information printed on the document. If decrypted information does not match ID document information, the document is marked as a forgery.
The photo on the ID document is analysed and compared to the selfie video. If biometric data does not match, the document is marked as a forgery.
At the end of selfie video recording, a person must show his/her ID document so that holograms and other special symbols would be visible.
Additional ID document analysis (only for documents submitted as an attachment instead of via live webcam):
Submitted document files are checked for any image editing signs. The system performs these analyses: clone detection, error level analysis, noise analysis, level sweep, luminance gradient, principal component analysis, thumbnail analysis, JPEG analysis, string extraction and geotag analysis.
In addition, system extracts and analysis file metadata, which includes image creation date and all image modification dates, camera/scanner model and maker, image editing software detection, GPS coordinate analysis, image resolution, compression and quality analysis etc.
Other type of document analysis (Articles of Inc., bank account statements, etc.):
In addition to the analysis of ID documents, the HFT AG system uses forensic analysis tools and metadata analysis for other documents submitted by Customers. HFT AG analysis determines (with some level of probability) if the provided digital copy itself is genuine or if it is likely that the file was modified in some way.
HFT AG screens each potential Customer for the following:
1. Person Search and Initial Analysis
Advanced Document Analysis
- Utilises advanced analysis of secure document patterns, examination of sensitive document information, verification of sensitive document information, verification of the address, size and angles and comparison against official databases and verification of the authenticity of the document’s photo to confirm that it is not edited with any image
Document Encryption Analysis
- Using the MRZ encryption algorithm, the system generates security digits and checks if they match those embedded in MRZ code. If MRZ code is correct, MRZ is decoded and the extracted information is matched against the information displayed in the passport. The fonts used in the document, space areas and original print characteristics are compared. Extracted information and security patterns are recorded securely in the HFT AG Identical procedures are used for: passports, ID cards, driver licenses, resident permits.
Document Biometric Data Scan
- Customer records a live video via computer webcam or mobile app. From the recorded video, the system chooses 50 random snapshots for analysis of distinct facial information, among other information:
- Height of the forehead;
- Distance between the center of each eye and the edges of the ears;
- Distance between the center of each eye and tip of the nose;
- Distance between corners of the mouth, edges of the ears and center of each
- Other information related to security techniques are available upon request and signing an Facial scan results are matched against passport photo. The result is presented as a ratio (in percentages) of video and passport photo match. Results from all biometric scans are securely stored on the HFT AG database.
Person’s Background and History Check
- Using data gathered from ID document and Biometric scans, the system finds and analyses social media accounts;
- HFT AG scans the Customer’s name on Internet search engines. All matched results are given a trustworthiness indicator according to the legitimacy of the source For example, a Bloomberg article with a Customer’s name will be given a much higher indicator than an article with a Customer’s name in an unknown blog. Moreover, if search results have both a Customer’s name and a matching picture, the indicator is always higher;
- Internet search results with a Customer’s name are analysed against a number of proprietary keywords such as: ‘fraud’, ‘scan’, ‘lawsuits’, ‘politics’, etc. AI automatically analyses the results against the Customer’s initial trustworthiness
2. Objective investigation:
Country of Origin Database Analysis
- HFT AG checks for police records, legal records, lawsuits, administrative misdemeanours, paid fines, credit ratings, family status, employment history, social security information and other government
- HFT AG checks if passport information matches country of origin and official document
- Via Electronic identification system, our dynamic database scans all passports every 24 hours to ensure they have not expired or been reported as stolen.
International Database Analysis
- Sanction screening
- Criminal records
- Terrorism screening
- PEPs
- Cross-check databases
- Interpol
- Europol
- International Patent Bureau
- International VIP list
- International debtor list
- Dynamic International Business Association debtor, late payers list
3. Additional Analysis Methods:
Bank Account Screening
- Checks that the IBAN is active and when the account was opened
- Validation of IBAN, extraction of IBAN information such as bank information, bank branch address,
- The ratio of incoming Swift and SEPA transactions
- IBAN blacklist
- IBAN hierarchical Money flow patterns, from which IBAN to which IBAN. Subra IBAN flow.
- Claims and Reports
- IBAN web filtering – Determining to which IBAN the official business/enterprise’s name was
Credit Card Analysis
- Credit card type
- Credit card bank information
- Credit card involved security method
- Credit card sensitive information check, Name, Exp Date, CVM
- Credit card image copy analysis Is the given card’s image (looks) matches issuer’s bank credit card sample look
- Credit card security features and patterns check (embossing, hologram, fonts, image type, Visa MasterCard registry check)
- Last transactions, geolocations
- Average transaction Usage patterns, live operations, ATM operations, online operations.
- AI based suggestions for max. transactions to be accepted. Our recommendations is a result of these considerations: bank type and its reputation, card type (credit, debit, platinum, gold )
- Network scan for lost credit card, recently charged back, declined operations, live credit card scan for stolen and reported missing credit
- Credit card verification via small deposit
- USA credit card automated address verification AAV system results. Ability to match credit card billing address with a Customer’s provided address (i.e. conflict Customer from Thailand, credit card from USA)
Step 2. Establishing the identity of the beneficial owner
HFT AG describes the beneficial owner as follows:
Þ The beneficial owner must be a natural person.
Þ The beneficial owner of an operational legal entity or partnership (controlling owner) are these natural persons, who ultimately control the entity or partnership directly or indirectly, alone or together with others owning at least 10 percent of all capital or voting power or control them in a different manner. If these persons cannot be identified, the identity of the member of the highest managing body shall be established as the controlling owner.
Þ A domiciliary company cannot be a beneficial owner. The beneficial owner of a domiciliary company is defined as the person who, based on consultation, managerial authority, organ status, voting or capital participation or for other reasons ultimately has the ability to dispose or to arrange the disposition of the assets of the domiciliary company.
We must identify the beneficial owner or controlling owner and obtain a written declaration from the Customer, if:
Þ The Customer is a corporate account;
Þ the Customer is a natural person and is not identical to the beneficial owner or if there is any doubt about the matter;
Þ the Customer is a domiciliary company;
Þ a cash transaction of considerable financial value, which has or exceeds the amount of CHF 25,000 per year, cumulative, is being carried out.
Þ the Customer is an operational legal entity or partnership and is not listed on a stock exchange nor a subsidiary company which is controlled in the majority by such a company.
Doubt as to beneficial ownership
Doubts as to the beneficial owner of the Customer are possible in the following cases:
Þ a power of attorney is granted to a person who is not sufficiently closely related to the Customer;
Þ the assets contributed by the Customer are clearly beyond his financial resources;
Þ a business relationship is entered into without any previous personal contact;
Þ the contact with the Customer reveals further unusual conclusions.
Step 3. Check for Restrictions
In case the Customer fails to meet the requirements mentioned in Step 1, the onboarding process does not proceed, and the Customer and the AML Officer can decide on whether to continue or not with the onboarding process in another manner, such as manually.
Step 4. Video authentication
Since the business relationships are entered into over the HFT AG platform, HFT AG verifies that the submitted ID document belongs to the Customer via Electronic identification system’ video verification system, which takes a video of the person and analyses it along with the submitted ID document to make sure it’s a match. In this way, the document is authenticated. The Customer records a live video via computer webcam or the mobile application. Searches via the mobile app are synchronized with the Electronic identification system blockchain.
From the recorded video, the system chooses 50 random snapshots for analysis of distinct facial information, among other information:
Height of the forehead.
Distance between the center of each eye and the edges of the ears. Distance between the center of each eye and tip of the nose.
Distance between corners of the mouth, edges of the ears and center of each eye.
Other information related to security techniques are available upon request and signing an NDA. Facial scan results are matched against passport photo. The result is presented as a ratio (in percentages) of video and passport photo match.
Step 5. Confirmation of residential address
Currently, we plan to focus primarily on Customers in Switzerland, Europe and the Middle-East and not to engage in business with unapproved jurisdictions or with those who impose high risks according to FATF.
HFT AG is connected with the Global Address System, whereby the system automatically verifies the Customer’s address for certain countries that participate in the system. For Customers from countries that do not participate,
the Customer must provide us with a copy of an acceptable document, dated less than 3 months prior, for proof
of address, such as:
Þ bank statement;
Þ debit or credit card statement;
Þ utility bill (water, electricity, gas, NOT mobile telephone bill);
Þ payroll statement or official salary document from employer;
Þ insurance statement;
Þ tax document; or
Þ residence certificate.
Such documents must contain the Customer’s name, address, and be dated less than 3 months prior. We take steps to confirm the authenticity of such documents provided by the Customers using the Electronic identification system Standard ID document analysis (see “Standard ID document analysis”, in Section 1, herein).
The authentication of the copy of the identification document may also be carried out manually by:
Þ a notary or an attorney-at-law admitted in Switzerland or a public authority which customarily performs such authentication services;
Þ a Swiss financial intermediary in accordance with Art. 2 Para. 2 or 3 AMLA or foreign financial
intermediary who carries on an activity in accordance with Art. 2 Para. 2 or 3 AMLA, provided that he is subject to equivalent regulation and supervision in relation to combating money-laundering.
Step 6. Repetition of the verification of the identity of the Customer
Þ The HFT AG AML system is dynamic, and conducts an automated search every 24 hours, so all status changes in personal Customer profiles are updated and the most recent information is imported and flagged for review in the system. For example, if the Customer’s passport is reported as stolen or lost, or if the person appears in the PEP list or is registered in the police report, the system will find it in 24 hours and flag the account for our review.
The Wallet
Monitoring and control of cryptocurrency wallets from which Customers receive cryptocurrency fund.
In accordance to FINMA Guidance 02/2019, Payments on the blockchain, 26 August 2019 HFT AG will implement external cryptocurrency wallet monitoring and control system. The HFT AG wallet is a non-custodial wallet.
HFT AG does not hold cryptocurrency in collective custody on behalf of its clients. Each client stores his/ her own crypto on the blockchain via their wallets.
Customers are allowed to make cryptocurrency transfer only from their private wallets which are assigned to them.
A White Labelled Service Provider is employed by the operator of the wallet to automatically scrutinize cryptocurrency transactions. This will monitor whether or not the cryptocurrency originated from or passed through a known dark web wallet, wallets associated to stolen bitcoins, major exchange hacks, etc.
All transactions regarding cryptocurrency are executed by the Customer; neither HFT AG nor our custodian banks have any access to Customer wallets or their private keys.
Ongoing Customer Activity Monitoring and Analysis
Our AML-KYC system uses ongoing automated Customer activity monitoring (with automated triggers for investigation) for events such as larger than usual transactions or transaction volume, unusually frequent or large banking or cryptocurrency deposits and withdrawals, deposits from new bank accounts, etc.
Our AML-KYC system receives ongoing updates about the details submitted by its Customers (from Electronic identification system). Such as document expiration dates, reports of stolen or reported as lost documents, address changes, new records in section list Interpol, Europol, etc.
In addition to separately analyzing our Customer transactions, bank and cryptocurrency accounts, ID documents and proof of funds, the HFT AG system automatically conducts a meta-analysis/holistic examination by analyzing each component of the Customer’s entire file, in conjunction with all his activities, which when looked at together might lead to a red flag, and where separately, it might not.
Business relationship with higher risk
- The risk profile of the Customer will be defined according to risk factors described below:
Þ Domicile or address of the Customer and/ or beneficial owner or their nationality;
Þ nature and location of the business activities of the Customer and/ or beneficial owner;
Þ nature of the requested services or products;
Þ level of the transactions;
Þ level of the asset flows, as applicable;
Þ origin or target country of frequent payments, as applicable;
Þ complex structures, especially the use of domiciliary companies.
2. Country and corporate risk categories:
HFT AG designates countries in five categories: (1) low risk; (2) medium risk; (3) high risk; (4) corporate; and (5) prohibited. See Schedule F for a complete list of countries and their risk category.
3. HFT AG currently does not accept Customers from the following countries:
Crimea, Cuba, Iran, Iraq, North Korea, North Sudan, South Sudan, Syria, Venezuela.
4. The Customer is considered high risk or enhanced monitoring if it fits into one of the cases below:
- Domicile/address of the Customer or UBO is in one of the countries designated as high risk (see Schedule F).
- Location of the business activities of the Customer is in one or more of the following countries: All prohibited countries in section 3, above, plus Algeria, Argentina, Bangladesh, Bolivia, Brazil, Cabo Verde, Cameroon, Chile, China, Colombia, Comoros, Ecuador, Egypt, Guyana, Lesotho, Macedonia, Malawi, Morocco, Nepal, Paraguay, Peru, Sao Tome and Principe, Senegal, Seychelles, Suriname, Tanzania, Uruguay, USA,
- The level of assets deposited is greater than the informed assets in case of company or greater than CHF 100,000 per year in case of a person;
- The total volume negotiated is greater than CHF 100,000 in case of a person;
- The Customer conducts or sends or receives frequent payments to/from one of the countries designated as high risk (see Schedule F).
5. A business relationship is always a high risk, if there is:
Þ a business relationship with foreign politically exposed persons (PEP) and their family members or close associates;
Þ a business relationship with domestic politically exposed persons and with a politically exposed
persons in international organisations and their family members or close associates,
Þ business relationship with a politically exposed persons in a leading function in an international sport organisation or with their family members or close associates,
Þ domicile, residence or place of business activity of the Customer or the beneficial owner or their nationality are in a country without effective measures to combating money laundering;
Þ the business relationship, the level of assets or the transaction volume seem under consideration of the Customer profile or the circumstances unusual, unless its legality is clear.
6. Specific Higher Risk Situations
Þ Customers whose predominant source of funds is derived from cash or cash-equivalent transactions, cryptocurrency exchanges, and third-party payment providers;
Þ Recurring international transfers via the HFT AG platform
Þ Excessive inflows and outflows that do not seem to correspond to the specific Customer’s known
source of funds;
Þ Legal entities or non-profit organisations transacting by using cryptocurrency exchanges in a way that would be expected of private individuals (could be a sign of a shell company or shelf company);
Þ Transactions that are structured and micro-structured to evade record keeping and restrictive thresholds;
Þ Situations where multiple Customers send similar values in a similar timeframe to HFT AG ;
Þ Fast outgoing cash and cash-intensive activity
Þ Rapid flow-through of funds to external financial institutions, where deposit and outflow activity appear similar in aggregate value and timeframe;
Þ Large purchases of real estate, automobiles and boats;
Þ Connections, transactions or travel to digital money-laundering hubs (e.g. Russia, Venezuela, Lebanon, Iran, North Korea, Ukraine, Turkey, Paraguay) and those in close proximity to substantial conflicts, corruption, organised crime and terrorist activity.
7. Special Compliance Procedures and Categories:
We categorise Customers as low risk, medium risk and high risk. The medium and high risk classifications will undergo special compliance procedures as defined herein and in the Risk Control Framework.
The following procedures are carried out when certain thresholds are met:
Þ Category I – A
- All
- All Customers must complete the HFT AG registration process which includes identity verification via our identity verification system, Electronic identification system, a sophisticated fully integrated artificial intelligence identity verification system (“Electronic identification system”), which carefully collects and analyses the documents before approving the Customer’s
Þ Category I – B
- All Corporate
- A director or other authorised person from the company must first open an individual account and pass Category 1 screening. Then, the individual can apply for a corporate account from within his individual account and must complete the HFT AG business registration
Þ Category II – Medium Risk category:
- CHF 15,000 per year in cumulative transactions (enhanced monitoring)
- family members or close associates of foreign PEPs
- In addition to the Category I screening, a Source of Funds form must be completed (See “Schedule D”, attached)
Þ Category III – High Risk Category:
- CHF 25,000 per year in cumulative transactions (enhanced risk);
- foreign politically exposed persons (PEPs)
- the nature of the Customers’ business involves dealing with cash transactions;
- the business relationship, the level of assets or the transaction volume seem under consideration of the Customer profile or the circumstances unusual, unless its legality is clear.
- domicile, residence or place of business activity of the Customer or the beneficial owner or their nationality are in a country without effective measures to combating money laundering;
- Customers whose predominant source of funds is derived from cash or cash- equivalent transactions, cryptocurrency exchanges, and third-party payment providers;
- Recurring international transfers via our platform
- Excessive inflows and outflows that do not seem to correspond to the specific Customer’s known source of funds;
- Legal entities or non-profit organizations transacting by using cryptocurrency exchanges in a way that would be expected of private individuals (could be a sign of a shell company or shelf company);
- Transactions that are structured and micro-structured to evade record keeping and restrictive thresholds;
- Situations where multiple Customers send similar values in a similar timeframe to HFT AG ;
- Fast outgoing cash and cash-intensive activity
- Rapid flow-through of funds to external financial institutions, where deposit and outflow activity appear similar in aggregate value and timeframe;
- Large purchases of real estate, automobiles and boats;
- Connections, transactions or travel to digital money-laundering hubs (e.g. Russia, Venezuela, Lebanon, Iran, North Korea, Ukraine, Turkey, Paraguay) and those in close proximity to substantial conflicts, corruption, organised crime and terrorist
- We require additional financial background documents such as salary pay slips, inheritance information, dividends, tax declarations and other income
- Schedule C (KYC Your Customer Form) completed for personal accounts and for each individual person who is a director or owner of 10% or more of the company (Shareholders, Board of Director’s members).
- Regular review of the Customer
- Curriculum vitae (cv/resume)
- Social Profiling:
- The Customer is instructed to sign in to Electronic identification system with their Social Media account:
- During sign in with Facebook, Linked-in, Instagram, Twitter, Google and other accounts, Electronic identification system extracts date of birth, full name, address and biometric picture match
- Facebook account registration date, activity patterns, number of friends, average post number etc.
- Registration steps are completed, and scan results Next an AI-based report is generated, strictly adhering to Swiss AML, KYC Law. The Customer´s data hash is securely encrypted onto Identifikaciniai Projektai, and the Customer is verified by this service provider.
Documentation and Escalation Policy
Each Customer has its own unique Customer ID-Number. The ID-Number is equally the File-Number under which all information and documentation collected about a Customer as well as decisions made by competent staff at HFT AG are documented. Comprehensive documentation of all identification, monitoring and control routine as well as any form of judgement made by HFT AG staff must carefully be documented. In case of judgement applied, the basis of conclusion must be described to secure a reliable audit trace.
In case of external audit or official investigation, the Customer-related information collected under his File Number will provide the comprehensive source of information and hence is paramount for demonstration that HFT AG complied with all requirements described in this guideline as well as with the detailed control requirements set-out in the Internal Control Framework. Insufficient or missing documentation will normally be considered as a non-performed step and may leads to scrutiny and liability due to non-compliance with AML / KYC requirements.
It’s the duty of all staff to assure permanent compliance whereby the operational responsibility lies with the AML Officer under delegated responsibility by the Chief Executive Officer of HFT AG . Any arising concern about a Customers compliance with AML / KYC requirements must be escalated to the AML Officer with immediate effect.