BitcoinBro Anti-Money Laundering Policy

1. What is Money Laundering?

The Proceeds of Crime Act 2002 (POCA) consolidated, updated and reformed criminal law with regard to money laundering.

Money laundering can be defined as the process to move illegally acquired cash through financial systems so that it appears to be from a legitimate source. Money laundering offences include: concealing, disguising, converting, transferring criminal property or removing it from the UK (Section 327 POCA); entering into or becoming concerned in an arrangement which you know or suspect facilitates the acquisition, retention, use or control of criminal property by or on behalf of another person (Section 328 POCA); and acquiring, using or possessing criminal property (Section 329 POCA).

There are also several secondary offences, failure to disclose knowledge or suspicion of money laundering to the Money Laundering Reporting Officer (MLRO); failure by the MLRO to disclose knowledge or suspicion of money laundering to the National Crime Agency; and ‘tipping off’ whereby somebody informs a person or persons who are, or who are suspected of being involved in money laundering, in such a way as to reduce the likelihood of their being investigated or prejudicing an investigation.

Within the UK alone it is estimated that over £90 billion is laundered on an annual basis. In response to this, the United Kingdom has passed legislation complementing POCA designed to prevent money laundering and to combat terrorism. This legislation, together with regulations, rules and industry guidance, forms the cornerstone of AML/CTF (anti-money laundering/countering terrorism financing) obligations for UK firms and outline the offences and penalties for failing to comply.

2. Impact on BitcoinBro and its staff

BitcoinBro’s business activities are currently unregulated. The trading and broking of cryptocurrencies is not currently a regulated activity for the purposes of the Financial Services and Markets Act 2000. In addition, Bitcoin’s activities do not currently fall within the scope of the UK AML/CTF legislation, principally the Money Laundering, Terrorist Financing and Transfer of Fund (Information on the Payer) Regulations 2017 (the “2017 Regulations”), although this will change once the Fifth Anti-Money Laundering Directive is incorporated into UK law some time in 2018.

However, BitcoinBro’s senior management have elected to implement systems and procedures that meet the UK AML legislation. This decision reflects BitcoinBro’s desire that its service offering should not facilitate money laundering and not be used by criminals to launder proceeds of crime.

This Policy sets out how BitcoinBro staff should formally raise concerns, in writing to the managing director and head of compliance, if they suspect money laundering or inadvertently become involved in it in some way in the course of their BitcoinBro activities. Staff have a positive obligation to act should they suspect or become involved in money laundering – doing nothing is not an option and leaves staff open to criminal liability if they do not report money laundering where they suspect, or should have reasonable grounds to suspect, that it is taking place.

3. BitcoinBro Policies, Controls and Procedures

BitcoinBro is committed to establishing and maintaining policies, controls and procedures to manage and effectively mitigate the risks of money laundering and terrorist financing. These policies will be regularly reviewed to ensure that they remain fit for purpose and will include:

– The risk management practices adopted by BitcoinBro to prevent its business being used for money laundering and/or terrorist financing.
– Customer due diligence requirements, including enhanced due diligence for those customers presenting higher risk, such as Politically Exposed Persons (PEPs).
– Internal controls in relation to its senior management and staff members.
– The independent audit of its policies, controls and procedures.
– Record keeping.
– Monitoring compliance with its policies, controls and procedures and their communication to staff.

4. Money Laundering Reporting Officer

The Company will appoint a MLRO to receive disclosures about money laundering activity and be responsible for anti-money laundering activity within BitcoinBro.

The MLRO will ensure that appropriate training and awareness is provided to new and existing staff and that this is reviewed and updated as required.

The MLRO will ensure that appropriate anti-money laundering systems and processes are incorporated by BitcoinBro.

5. Risk Assessment and Risk Management Practices

Regulation 18(1) of the 2017 Regulations requires a firm to take reasonable steps to identify and assess the risks of money laundering and terrorist financing to which its business is subject. Firms are required to take into account their customers and clients, the countries or geographical areas in which they operate, their products or services, the nature of transactions and delivery channels.

6. Customer Due Diligence Requirements

Customer due diligence requirements are set out in Annex 1.

7. Record Keeping

Regulation 40 of the 2017 Regulations requires firms to retain copies of all documentation obtained from a customer. In addition, records of all trades and their position on the relevant blockchain will be retained by BitcoinBro.

Documentation will be retained for at least 5 years, in the case of trades, from the date of the trade, and in the case of customer documentation, following the last trade which the customer has made with BitcoinBro.

Personal data may only be used by BitcoinBro for the purpose of our business or for the purposes of preventing money laundering or terrorist financing.

8. Communication of Policies to Staff and Compliance Monitoring

This policy is available for review by all staff. Each staff member must read it and become familiar with its contents. Updates to the policy will be communicated to staff as they become available. Staff compliance with this policy will be monitored on a regular basis to ensure that BitcoinBro remains compliant with UK AML law and regulation.

Annex 1 – Customer Due Diligence Requirements

Customer due diligence (CDD) is required under Regulation 27(1) of the 2017 Regulations when BitcoinBro is establishing a business relationship with a customer, where it or any member of staff suspects money laundering or terrorist financing or where the veracity or adequancy of documents previously obtained for CDD purposes is doubted.

1. CDD at Customer Take-on

For individuals:

– Photo identification showing full name which corresponds to the name in which the customer account is being opened. Any one of the following is acceptable:

  • Passport
  • Driving license (if contains photograph of individual)
  • National ID Card
  • Armed Forces ID Card

For all Passports/Identity Documents ensure the following:

  • The document is valid and shows the issue and expiry dates
  • The photograph is clear and all features are visible
  • The page showing signature is included
  • The place of issue and passport number details are included and are clearly legible
  • Nationality details are included

– Proof of residential address which shows the name of the customer opening the account (documents showing joint names for couples are acceptable). Any one of the following:

  • Valid, full driving license (unless already provided as proof of identity)
  • Utility bill (such as gas, water, electricity, although NOT a mobile phone bill)
  • Television license
  • Home or motor insurance policy document or certificate
  • Bank or building society statement from a financial institution which is, in the opinion of BitcoinBro (in its absolute discretion), reputable
  • Council tax (or equivalent) bill

– All documentation must be from a recognised or verifiable provider and must not be more than three months old.
– In addition, BitcoinBro reserves the right to request additional professional references for KYC purposes in its absolute discretion.

For companies and other corporate bodies:

Each of the following:

– Certificate of incorporation and memorandum and articles of association
– Latest annual return
– Latest statutory report and accounts
– Current shareholder and director registers
– Resolution of the Board of Directors to open an account and identification of those who have authority to operate the account
– Full CDD documentation on each director (see “for individuals” above)
– Full CDD on any company which controls the company applying for the BitcoinBro account
– Full CDD documentation on each ultimate beneficial owner of more than 20% of the company’s share capital. Where there are corporate shareholders, documentation confirming the identity of the ultimate individual beneficial owners must be provided.

For partnerships:

Each of the following:

– Registration certificate (where applicable) or any business registration document (such as a tax registration document, including VAT certificate)
– Copy partnership deed
– Full CDD on all individual partners (see “for individuals” above)

For charities, foundations or trusts:

This category of customer is particularly high risk and BitcoinBro staff must operate CDD procedures with particular care. Charities, foundations and trusts operate with different structures based on the jurisdiction in which they are based. The key priority in CDD for these customers is to understand both of the following:

– Who controls the operation of the charity, foundation or trust? Is it the trustees or somebody else?
– What is the ultimate source of funds for the charity, foundation or trust? Where there is one significant or a group of significant donors or funders, who are they and what is their source of wealth? What control do they have in how the charity, foundation or trust spends or invests its funds?

As a minimum, the following documentation will be required:

– Certificate of incorporation/registration (if applicable – more likely to be applicable to a registered charity or foundation, so check the jurisdiction if in doubt)
– Copy memorandum and articles of association (if applicable – more likely to be applicable to a registered charity or foundation, so check the jurisdiction if in doubt)
– Most recent report and accounts (for all)
– In the case of a trust, a copy of the trust deed, showing the identity of the settlor of the trust and for whose benefit the trust has been established.
– Full CDD on each individual trustee, settlor (in the case of a trust), beneficiary (in the case of a trust) and any significant individual donors or funders (in the case of a charity or foundation).

Retention of CDD Documentation

In accordance with Regulation 40 of the 2017 Regulations, BitcoinBro will retain copies of all documentation provided at customer take on stage. BitcoinBro will retain such copies for at least 5 years from the last date on which the customer transacts with BitcoinBro. Such documentation and personal data contained therein will only be used for BitcoinBro internal compliance purposes.

Use of Onfido

BitcoinBro currently uses Onfido to conduct additional identity verification. Each new customer’s details will be entered into the Onfido system and a report will be generated for that customer. Where the Onfido report flags any issues with the documentation provided, BitcoinBro staff should take steps to obtain additional documentation to satisfy themselves that the information provided by the customer is true and accurate in all material respects.

In addition, Onfido will report on whether the customer is a Politically Exposed Person (see below).

Politically Exposed Persons

Politically Exposed Persons (PEPs) are defined in Regulation 35 of the 2017 Regulations. PEPs are broadly defined as individuals entrusted with prominent public functions, such as heads of state, members of parliament, members of key government bodies and ambassadors, as well as members of their close family. PEPs are deemed to carry a higher risk of money laundering and so enhanced due diligence is required in respect of them, both at take on stage and on an ongoing basis.

Where Onfido reveals that a prospective customer is a PEP, BitcoinBro cannot take on such an individual as a customer without the consent from the managing director or head of compliance.

In addition, the prospective customer will be required, at customer take on stage, to provide information, with supporting evidence of their source of wealth:

– Their current salary and other income; and
– Their liquid assets (including cash and investment portfolio).

The information provide on source of wealth will be required to provide some context to the source of funds for transactions (see below).

2. Refreshed CDD

BitcoinBro staff must request a new set of KYC documentation provided by individual customers in the following circumstances:

– Every three years following the initial take-on of the customer:

  • Fresh photo ID documentation where the documentation previously supplied has since expired.
  • Fresh proof of address documentation.

– Where a customer who has not traded for the previous three years wishes to trade:

  • Fresh photo ID will be required where the documentation previously supplied has since expired.
  • Fresh proof of address documentation.

A new Onfido check should also be carried out whenever new customer documentation is received.

3. Ongoing CDD

Ongoing CDD is required under Regulation 27(8) of the 2017 Regulations for existing clients at appropriate times based on the risk based approach adopted by BitcoinBro. This will be based on a qualitative or quantitative review of customer activity and will be required where:

– Any member of staff becomes aware that the circumstances of an existing customer which are relevant to a previous assessment of the risk of money laundering or terrorist financing have changed.
– Where there are indications that the identity of a customer or, in relation to a corporate body, its beneficial owner, has changed.
– A customer is carrying out transactions which are not reasonable consistent with BitcoinBro’s previous knowledge or experience of that customer.
– The purpose or intended nature of BitcoinBro’s relationship with the client change for any reason.
– There exist any other events or circumstances which might affect BitcoinBro’s assessment of the money laundering or terrorist financing risk in relation to that customer.

Potential issues to be aware of include (not an exhaustive list):

– Where the identity of the holder of the bank account from which funds are being remitted to BitcoinBro does not match the name of the customer which BitcoinBro has on file. Where such funds are received, no trade should take place and BitcoinBro staff should immediately contact the customer to request an explanation, which once received should be referred to the managing director or head of compliance. In the case of joint accounts where one account holder is the customer, KYC documentation should be obtained in the other account holders before any trade can proceed. Money should not be returned to the customer without the consent of the head of compliance (an immediate return of funds may alert a customer that money laundering is suspected, thus exposing BitcoinBro and its staff to criminal liability under the “tipping off” offence under POCA).
– Being asked to accept cash to trade with BitcoinBro. BitcoinBro operates a strict no-cash policy.
– Becoming or being made aware that the cryptocurrency wallet from which BitcoinBro is receiving cryptocurrency or to which it is asked to transfer cryptocurrency does not belong to the client.
– Any unusual pattern of trades, such as a one-off large trade or series of large trades, which is inconsistent with historic trading patterns.
Anything which raises suspicions in relation to a customer should be reported to the managing director or head of compliance immediately.

Source of Funds Requests / ”Source of Crypto” Verification

Certain trades will require confirmation as to source of funds before they can be made. These are:

– Any trade from a PEP customer
– Any trade from a non-PEP customer with a fiat value in excess of £10,000
– Any trade from a non-PEP customer which would result in that customer having traded cryptocurrency with a fiat value of more than £10,000 with BitcoinBro in the previous 12 months.

Customers requested to provide confirmation of source of funds should provide:

– An explanation of where the funds for the trade in question have originated (from income, savings, liquidation of another asset etc).
– Depending on the explanation of the source of funds, documentary evidence of the explanation, such as copy bank
statements, investment account records or a solicitors’ or accountants’ letter confirming source of funds.
– In the case of cryptocurrency-to-fiat transactions, evidence of the original fiat-to-cryptocurrency transaction and the source of the fiat funds for that original acquisition. This will include details of the original transaction or transactions, including time, date and transferor/transferee wallet details. BitcoinBro reserves the right to carry out due diligence via analysis of the blockchain to verify past transactions, including cross checking against any “blacklisted” wallets associated with historical illegal behaviour (such as the Mt.Gox theft or wallets linked to cyber-extortion). This may include using Chainalysis (www.chainalysis.com) for due diligence purposes. With some cryptocurrencies (such as XRP and some altcoins), blockchain analysis may not be possible, in which case the client will be expected to provide independent verification of historical transactions.

For high value transactions, BitcoinBro staff also reserve the right to verify that the cryptocurrency wallet from which a client is sending cryptocurrency or to which BitcoinBro is asked to send cryptocurrency belongs to that client. This will typically consist of a small pilot transfer of cryptocurrency to the client wallet which the client will transfer back to evidence of client wallet control.

The head of compliance should be consulted in each source of funds request and, following receipt of relevant documentation, his/her consent obtained before any trade may take place.