EN

AML Policy

Methodological recommendations on combating money laundering and terrorist financing
  1. INTRODUCTION

    The purpose of this Anti-Money Laundering (AML), Financing of Terrorism (FT) and Sanctions Guide is to provide Top-crypto.shop (the “Company”) with internal guidelines to prevent its business from being used for money laundering and terrorist financing. . and apply international sanctions. These Guidelines are adopted to ensure the Company's compliance with the rules and regulations set forth in the Law of the Republic of Lithuania on Prevention of Money Laundering and Terrorist Financing (hereinafter referred to as the "Law") and other applicable legislation.

    This handbook shall be reviewed by the Board of Directors at least annually. The company's Money Laundering Reporting Officer (MLRO) or internal control officer may recommend that this guidance be reviewed more frequently, as appropriate.

    All definitions in this manual are used within the meaning of the Law on the Prevention of Money Laundering and the Financing of Terrorism and other applicable laws of the Republic of Lithuania.

  2. CONTACTS
    • The company name: TOP SHOP POLAND.
    • Konduktorska 18/7, 00-775 Warszawa Regon
    • 52689820600000, NIP:5214044115
    • +(487) 288-497-19
    Principles of implementation of activities carried out by customers

    Customer Due Diligence (CDU) measures are required to verify the identity of new or existing customers as part of ongoing risk-based monitoring of business relationships with customers. NPC measures are divided into three levels, including simplified due diligence measures and enhanced due diligence measures, as described below.

  3. Principles
    1. Basic principles

      In such cases, NPC measures are used and implemented as necessary, taking into account the client's risk profile and other circumstances:

      • During the establishment of business relations and during the constant monitoring of business relations;
      • Carrying out or brokering a one-time transaction (the same as a transaction) outside the business relationship within 24 hours with a transaction amount of EUR 700 or more (or an equivalent amount in other assets);
      • When verifying information collected during due diligence or updating relevant data, doubts arise as to the validity or reliability of previously collected documents or data;
      • Notwithstanding any exclusions, exceptions or limitations set forth in these Guidelines and applicable law, suspected money laundering or terrorist financing.

      The company has no right to establish or maintain business relations and conclude agreements if:

      • the Company's failure to take any necessary action regarding NPK;
      • Our services or transactions are suspected to be used for money laundering or terrorist financing;
      • The risk level of the customer or transaction does not match our risk appetite.

      If the company receives information in a foreign language during the execution of the NPC, it can request a translation of the document into another language that is understandable to the company and its employees. If the original document is in a language your company understands, you should avoid using a translation.

      The implementation of the ZNP is a process that begins with the implementation of the ZNP measures. At the end of this process, the client is assigned a documented personal risk level, which is the basis for further actions and is reviewed and updated as necessary.

      A company has properly conducted due diligence if it internally believes that its due diligence obligations have been met. A company should make a reasonable assessment of its internal beliefs about the application of due diligence.

      The principle of reasonableness refers to the application of PPE measures taking into account the level of risk of the client, the risks associated with business relations and the nature of these business relations, as well as for the purpose of getting to know the client and his interests (business) activity, the adequacy of the relevant information of the client, the activity of clients, the purpose business relations and business conducted within the framework of business relations, sources of funds, etc. This means gaining knowledge, understanding and confidence that enough information has been collected about the client, its activities, the purpose of the business relationship and transactions carried out within the framework of the business relationship, the source of funds, etc., to understand the client and its (business) activities. This level of assurance should enable the detection of complex and unusual transactions (trading schemes) that do not have a reasonable or obvious economic or legal purpose or are unusual in nature.

    2. Conduct simple website due diligence (Level 1), support the use of privacy pages and improve the website;

      If the customer's risk profile indicates a low risk of money laundering/terrorist financing, simplified due diligence measures will be applied.

      When applying simplified comprehensive verification, the company receives only data about the client as a natural person:

      • First and last name;
      • personal number; or

      For customers who are legal entities, the following data:

      • Trade name or position
      • legal form;
      • Registration number, if it was issued;
      • Main office (address) and actual business address;
      • Name, surname, personal number or date of birth of the representative of the customer;
      • Make sure that the first payment is made through the account of the credit institution and, if the credit institution is registered in the European Economic Area or in a third country, set the same requirements as those set out in the relevant legislation and be subject to supervision by the competent authority. to ensure compliance with these requirements.

      Simplified due diligence measures can be applied only under the condition of constant monitoring of the client's business relations in accordance with the Guidelines and the possibility of identifying suspicious monetary transactions and operations.

      Expedited due diligence should not be used in situations where enhanced due diligence is required (as discussed below).

      If in the course of ongoing monitoring of business relationships with clients, the Company determines that the risk of money laundering and/or terrorist financing is not low, appropriate levels of CSI measures will be taken.

    3. Application of Standard Due Diligence (Level 2)

      Standard due diligence measures apply to all customers covered by the SOPs outlined in this manual. The following standardized due diligence measures apply

      • The client identifies and verifies the information provided based on information obtained from reliable independent sources;
      • The client identifies and verifies the information provided based on information obtained from reliable independent sources;
      • Taking steps to identify and confirm the identity of the beneficial owners so that the company is confident that it knows who the beneficial owners are and understands the client's ownership and control structure;
      • Learn about business relationships, transactions or operations and collect necessary information;
      • Collect information about whether the client is a Politically Prominent Person (PEP), a family member of a PEP, or a person known to be close to a PEP;
      • Monitoring of business relations.

        • The above measures of the CPC should be applied when establishing business relations or carrying out a transaction.

    4. Apply enhanced due diligence measures (level 3)

      In addition to standard due diligence measures, the Company also uses enhanced due diligence measures to manage and mitigate identified money laundering and terrorist financing risks if the risk is considered higher than usual.

      The Company will always take enhanced due diligence measures in the following circumstances:

      • If the client's risk profile indicates a high level of AML/CFT risk.
      • If, after identifying the client or checking the provided information, there are doubts about the authenticity of the provided data, the authenticity of the documents or the identity of the beneficiary;
      • When establishing cross-border agency relations with clients of financial institutions of third countries;
      • to have an agreement or business relationship with a politician, a member of a politician's family or a person who is a close relative of a politician;
      • If the transaction or business relationship takes place with an individual or a registered legal entity that is a resident of a high-risk third country as defined by the European Commission;
      • Countries or territories in which the customer is a resident or has a residence or location that does not have an effective system to prevent money laundering and terrorist financing in accordance with the recommendations of the Financial Action Task Force (FATF) based on reliable sources such as peer reviews , reports or published follow-up reports, or the place of business or place of business of the payee's payment service provider.

      Before conducting enhanced due diligence, our staff must determine that a business relationship or transaction is high risk. First, before applying enhanced control measures, employees assess the presence of the above-mentioned signs and apply them independently (that is, each identified factor allows the application of enhanced control measures to the customer).

      Employees must notify the implementation of enhanced verification measures by sending a message to the specialist responsible for reporting money laundering activities within two working days of the implementation of enhanced verification measures.

      If enhanced due diligence measures are in place, firms must reassess the customer's risk profile within six months.

  4. CLIENT DUE DUE MEASURES
    1. Customer identification (natural person)

      We identify you as an individual and, where applicable, as your agent and store the following data about you:

      • name(s) and surname(s);
      • personal number;
      • citizenship;
      • a photograph;
      • signature.

      Identification of a natural person may be based on a valid identity document containing the above-mentioned data

      • National identity card of the Republic of Lithuania;
      • Identity card of a foreigner;
      • Residence permit in the Republic of Lithuania;
      • Driver's licenses issued by countries of the European Economic Area in accordance with the requirements set out in Annex I to Directive 2006/126/EC of the European Parliament and of the Council of December 20, 2006 on driver's licenses (new types).

      Individual customers may not hire agents who have business relations with the Company or enter into one-off contracts.

    2. Client identification is a legal entity

      We identify our customers as legal entities and their representatives and store the following data about them:

      • Trade name or position
      • Organizational and legal forms
      • Registration number, if provided;
      • Name, personal identification number (for foreign nationals - date of birth or personal identification number (if available) or other unique string used to identify an individual), citizenship and authority or other equivalent authority as provided by the client Material;
      • Certificate of registration and date of issue.
      • Head office (address) and physical address of the enterprise.

      The following documents issued by competent authorities or institutions within six months prior to use may be used to identify customers

      • Registration card from the relevant register;
      • Certificate of registration in the relevant register;
      • Documents equivalent to the above or related documents related to the establishment of the client.

      The Company uses information obtained from reliable independent sources to verify the accuracy of the above customer data. If we have access to the relevant company registers, the above documents may not be required from the client.

      Legal entities and legal representatives can be verified on the basis of notarized or officially certified documents, as indicated above, or on the basis of other information from reliable independent sources, such as means of electronic identification or trust services for electronic transactions, so that in this case To confirm the data at least two different sources of information were used.

    3. Identification of beneficial owners of the client

      We identify your beneficial owners and take steps to verify their identity so that we can reliably determine who the beneficial owners are. We collect the following information about your beneficial owners

      • name(s) and surname(s);
      • personal number;
      • citizenship.

      Companies must require customers to provide information about the customer's beneficial owner (for example, give the customer the option to specify the beneficial owner when collecting customer data).

      The Company cannot enter into a business relationship with an individual customer if the beneficial owner of the customer is not the same person as the customer.

      The determination of the beneficial owner of the legal entity is carried out in stages, and the company will proceed to the next stage only if the beneficial owner of the legal entity cannot be determined at the previous stage. The stages are as follows:

      • Identifies a natural or legal entity, large or small, directly or indirectly through its shares, voting rights or nature of ownership;
      • Identifies the persons who own or control the legal entity by owning, directly or indirectly, the shares of the legal or individual clients involved in the transaction. Family and contractual relationships should also be taken into account;
      • Since the company cannot identify the beneficial owners, the first two steps identify senior managers as beneficial owners.

      If the document or other material identifying the legal entity does not clearly state who is the beneficial owner of the legal entity, the relevant data (including data on group membership, ownership structure and management of the group) is based on the declaration of the legal representative or representative of the person. in person, must be registered.

    4. Identification of politically significant persons.

      The firm must take steps to determine whether the client, the client's beneficial owner, or the client's agent is an associate, family member, or business associate of the public figure, or whether the client has become an associate, family member, or associate member of the corporate public figure..

      Companies must request information from customers to determine whether the customer is a politically important, family member, or business associate (for example, by giving customers the option to provide relevant information when collecting customer data).

      We verify the data we receive from our customers by sending queries to the relevant databases or by checking the websites of the relevant regulatory authorities or agencies in the country where the customer lives or resides, and we additionally verify the identification information using international search engines (such as Google) and local search engines (if applicable) in the customer's country of origin. Check by entering the customer's name in Latin or local characters and entering the customer's date of birth using the local search engine of the customer's country of origin (if available).

      The company identifies its business partners and family members only if their relationship with a politician is publicly known or there is reason to believe that such a relationship exists.

      If a public entity client no longer performs a critical government function, the firm should review the remaining risks associated with the client for at least 12 months and take appropriate action based on the risk assessment if it is satisfied that the risks inherent in the public entity , disappeared. ceased to exist.

    5. Determine the purpose and nature of the business relationship or transaction

      Securities intermediaries must understand the purpose and nature of the business relationship or transaction. In order to understand the purpose and nature of the business relationship or transaction related to the services provided, the Company may request the following information from the Client

      • Whether customers use our services for their own needs or on behalf of others;
      • contact information;
      • Information about the client's legal address and physical place of residence;
      • Expected volume of the company's business for the year;
      • Intended sources of funds used in business relationships or transactions;
      • Correspondence of business relations or business to the client's economic or professional activity and a description of this activity;
      • If the transaction amount (including expected amounts) exceeds the established limits, provide information about the business relationship or source of funds related to the transaction.
      • We take additional steps and collect additional information to determine the purpose and nature of the business relationship or one-time transaction when:
      • High or unusual staff turnover.
      • When the risks and/or risk profile associated with the nature of the customer and the business relationship require additional measures to be taken to properly monitor the business relationship in the future.

      If the customer is a legal entity, in addition to the above, we determine the scope of the customer and accordingly determine what the customer deals with and intends to deal with in the business relationship, as well as its compliance with the purpose and character of being reasonable, understandable and justified. Smart, clear, intelligent.

      Areas of activity should match the experience profile of the client and/or representative (or key person) of the beneficial owner. Thus, the company must determine whether its representatives and/or beneficial owners have the competences, abilities, skills and knowledge (general experience) to work in this field of activity, as well as the established workload and business partners.

    6. Monitoring of business relations

      Ensure regular updates of documents, data or information collected during due diligence activities and when triggering events occur, i.e. data that primarily relates to the client, its agents (including representation rights) and beneficial owners, as well as the purpose and nature of the business relationship ;

      • Whether customers use our services for their own needs or on behalf of others;
      • Continuously monitor the business relationship covering the activities conducted within the business relationship to ensure that the business relationship is consistent with the company's understanding of the client, its business and risk profile;
      • Identification of sources and sources of receipt of funds used in the agreement.

      Firms should regularly review and update the documents, data and information gathered during customer due diligence activities and update the customer risk profile. The frequency of reviews and updates should be based on the client's risk profile and at least once a year:

      • For clients of the risk group - every six months;
      • Annually for clients with an average risk profile;
      • Every two years for low-risk clients.

      Collected documents, data and information should also be reviewed when events indicate the need for updating.

      In the course of continuous monitoring of the transaction, the Company has the opportunity to determine whether the transaction corresponds to the previously established information about the client (ie, the information specified by the client during the establishment of the relationship with the client, or the information received by the client during the relationship with the client). The relationship includes the agreements entered into during the relationship with the customer. Monitor to make sure.

      The Company also monitors business relationships to identify customer activities or facts that indicate criminal activity, money laundering or terrorist financing or that may be related to money laundering or terrorist financing, which may include reasonable or apparent economic or legal difficulty, lack of objectives or commercial characteristics Expensive and unusual deals and business plans. Throughout the life of the business relationship, companies must continually assess changes in customer activity to determine whether those changes increase the level of risk associated with the customer and the business relationship and warrant enhanced due diligence.

      Continuing the monitoring of its business relations, the Company took the following measures:

      • Verification: Track transactions in real time.
      • Monitoring, i.e. analysis of future operations.

      The purpose of screening is to detect

      • Suspicious and unusual transactions and trading schemes.
      • The transaction amount exceeds
      • Conditions and sanctions against politically important figures.

      Verification of transactions is automated and includes the following measures

      • Set a customer transaction threshold based on the customer's risk profile and the expected transaction volume stated by the customer;
      • Ranking of virtual currency wallets that send virtual currency based on customer orders;
      • Rate wallets that receive virtual currency.

      If the transaction indicated by the customer exceeds the established threshold or is related to a high-risk virtual currency wallet (for example, wallets related to fraud, crime, etc.), the transaction must be manually approved by an employee or additional measures (for example, program improvement , customer due diligence measures, source of funds request or other transaction information request). Requests for source of funds or other information regarding a transaction must be manually approved by an employee who must assess the need for such additional CCP measures (eg, apply enhanced customer due diligence measures, request the source and origin of funds) or request additional information about the transaction.

      When monitoring operations, employees should evaluate their performance to identify any behaviors or actions that may lead to:

      • Deviation from what can reasonably be expected based on the actions taken by the NPC, the services provided, the information provided by the customer and other circumstances (for example, exceeding the expected transaction volume, sending virtual currency to a new virtual currency wallet each time), exceeding the transaction volume limit ;
      • Waiver of the rights set forth in the preceding paragraph may be considered part of money laundering or terrorist financing;
      • may affect the assessment of the client's risk profile.

      In case of discovery of any of the above-mentioned facts, the employee is obliged to notify the expert responsible for reporting money laundering, and postpone the client's operation until the decision is made by the expert responsible for reporting money laundering.

      In addition to the above, anti-money laundering officers should regularly (at least weekly) review the company's operations to ensure that

      • The company's employees correctly performed the above duties;
      • There are no complex, expensive or unusual transactions or arrangements that do not have a reasonable or obvious economic or legal purpose or are not typical of the particular circumstances.

      If necessary, we will determine the source and origin of the funds used for the transaction. The need to determine the source and origin of funds depends on the previous activity of the client and other known information. Thus, identification of the source of the funds used in the transaction is necessary when:

      • If the transaction exceeds the limits set by the company;
      • The transaction does not correspond to the previously known information of the client;
      • The firm must assess or reasonably consider whether the transaction is consistent with information already known about the customer;
      • The Company is not responsible for any transactions that indicate the existence of criminal activity, money laundering or terrorist financing, or are suspected to be related to money laundering or terrorist financing (including complex, expensive and unusual transactions and lack of reasonable or obvious trading plan). Economic or legitimate purposes or purposes of an unusual business nature. Plans included.
  5. TERMINATION OF THE CONTRACT OR BUSINESS RELATIONSHIP AND THEIR TERMINATION

      The Company is prohibited from entering into business relationships and must terminate any business relationships or contracts entered into (except where it is objectively impossible to do so):

      • Suspect of money laundering and terrorist financing;
      • If the customer does not provide or refuses to provide the relevant data, or if there is no reason to believe that the data collected is sufficient, we cannot apply CPC measures;
      • When a client whose capital consists of bearer shares or other bearer securities wishes to enter into business relations;
      • The customer, a natural person, tries to establish a business relationship with another person behind the scenes, but actually benefits from it (suspicion of using an external person);
      • If the customer's risk profile no longer meets our risk appetite (ie the customer's risk profile level is "Prohibited").

      If the business relationship is terminated in accordance with the provisions of this chapter, the securities trading company shall, within a reasonable period of time, preferably within 10 business days after the termination, transfer the funds to an account registered in the country or open credit institution in which the company is located. Transfer of the Client's assets to an account opened in a registered credit institution or located in a member state of the European Economic Area, in a member state of the European Economic Area or in a country where the requirements set forth in the relevant Directives of the European Union apply. Parliament and the Council and equivalent requirements apply. In exceptional cases, funds may be transferred to an account separate from the client's account or withdrawn in cash. Regardless of the recipient of the funds, during the transfer of the client's assets, the minimum required information in English in the payment details is that the transfer relates to the temporary termination of the relationship with the client.

    1. Unacceptable customers

      If the business relationship is terminated in accordance with the provisions of this chapter, the securities trading company shall, within a reasonable period of time, preferably within 10 business days after the termination, transfer the funds to an account registered in the country or open credit institution in which the company is located. Transfer of the Client's assets to an account opened in a registered credit institution or located in a member state of the European Economic Area, in a member state of the European Economic Area or in a country where the requirements set forth in the relevant Directives of the European Union apply. Parliament and the Council and equivalent requirements apply. In exceptional cases, funds may be transferred to an account separate from the client's account or withdrawn in cash. Regardless of the recipient of the funds, during the transfer of the client's assets, the minimum required information in English in the payment details is that the transfer relates to the temporary termination of the relationship with the client.

      • The client does not provide or refuses to provide the data and information necessary for identity verification without legitimate reasons;
      • Cans-shells;
      • Customers from countries prohibited by national law or international sanctions;
      • Customers subject to international sanctions legislation;
      • Customers subject to European Union sanctions;
      • Companies suspected of money laundering or terrorist financing;
      • Any other customer that we consider to be a high risk to our business or that is suspected of money laundering or terrorist financing.

      We do not recognize individual clients or agents from the following countries: Afghanistan, Barbados, Belarus, Burkina Faso, Myanmar (Myanmar), Cambodia, Cayman Islands, Crimea (Ukraine), Democratic People's Republic of Korea, Cuba, Donetsk ( Ukraine) District, Haiti, Iran, Jamaica, Jordan, Morocco, Pakistan, Panama, Philippines, Pakistan, Pune, Sri Lanka, Sudan, Syrian Arab Republic, United Arab Emirates, United States of America, Great Britain and United Kingdom Ireland, Jamaica, Luhansk (Ukraine), Male Morocco, Nicaragua, Pakistan, Panama, Philippines, People's Republic of China, Russia, Senegal, South Sudan, Syria, Trinidad and Tobago, Uganda, Vanuatu, Yemen, Zimbabwe

      Individuals or entities from jurisdictions that require a special permit or license will not be accepted as clients unless the Company has obtained such permit or authorization.

  6. IMPLEMENTATION OF SANCTIONS

    After sanctions take effect, change, or terminate, firms are required to determine whether the client, their beneficial owners, or any person with whom they do business or intend to do business with them is a sanctioned person. If the company has identified a person against whom sanctions have been applied, or if this person plans or carries out an operation that violates sanctions, the company must impose sanctions and notify the State Financial Monitoring Service within three hours.

    1. Procedures for determining violations of authority and authorized operations.

      We will use at least the following sources of information (databases) to correlate your sanctions

      https://www.sanctionsmap.eu/#/main

      https://scsanctions.un.org/search/

      In addition to the above sources, companies may use other sources of information identified by employees to whom PPE measures apply.

      Personal data relating to an individual must be used to verify that the individual's name received in response to the request matches the individual's name in the notification containing the sanctions. For a legal entity, the main characteristics are its name or trademark, registration number or date of registration, for an individual - its name, ID number or date of birth.

      In order to determine whether the person named in the relevant legal action or notice corresponds to the person identified in the database query, we will use the following factors to determine whether the personal data is distorted (for example, transcription of a foreign name, different order of words , phonetic characters or double substitutions of letters). The names of individuals identified in response to the request will be analyzed.

      We will carry out the above checks on an ongoing basis throughout our established business relationship. The current frequency of inspections depends on the client's risk profile:

      • Once a week for high-risk clients;
      • Once a month for clients with an average risk profile;
      • For clients with a low level of risk - once a quarter.

      If an employee suspects that an individual has been sanctioned, the MLRO or a member of the Board of Directors must be notified immediately. In such cases, the OPRD or a member of the committee shall decide whether to request and obtain additional information from the individual or to immediately notify the Federal Republic of Yugoslavia of the suspicious circumstances.

      First, we will obtain, on our own initiative, additional information about persons with whom we enter into business relations, conduct business with us, with whom we seek to establish business relations or conduct activities, or with whom we seek to establish business relations or conduct activities with whom you aspire to do business, prioritize information from reliable, independent sources. If for any reason such information is not available, we will ask the people with whom we do business or with whom we intend to conduct business or activities and with whom we do business or with whom we intend to do business. or conduct business, if such information is obtained from reliable, independent sources, we will appreciate their responses.

    2. Actions to be taken in the event of detection of sanctioned individuals or sanctions-violating transactions.

      If an employee of the Company becomes aware that a client with whom the Company has business relations or conducts business, as well as a person who has business relations or intends to conduct business with the Company, is a person to whom sanctions have been applied, he is obliged to immediately notify the OUVP or a member of the Management Board about the person's identity, whether there was any suspicion about the person and the measures taken. OPRV or the Board of Directors shall.

      The MLRO or board member must take the necessary steps to address the refusal to settle and the imposition or application of sanctions, and must immediately notify FCIS of their suspicions and the steps taken.

      After determining the object of sanctions, it is necessary to determine the measures that must be taken to apply sanctions to this person. As these measures are listed in the regulations to which sanctions apply, it is necessary to precisely define the sanctions that apply to individuals to ensure that the measures are implemented legally and correctly.

    7. If you have any questions or wishes, please contact: top-crypto.shop.