• Become a partner
Book a Callarrow right
©2025 AFIPAY. All Rights Reserved.
Book a Callarrow right
menu toggleMenu
  • Terms of Use
  • Privacy Policy
  • Privacy Policy
  • AML Policy

AML Policy

Alphacom Sp. z o.o. (“AFIPAY” / “Company“) has no tolerance for money laundering, the financing of terrorism or any other form of illicit activity, and is committed to implementing policies, procedures and controls shaped by the best industry practices and the most effective anti-money laundering standards applied in Poland and worldwide. These rules apply to, without exception, all employees of the Company, its Board members, officers, contractors, and consultants.

The purpose of this document is to provide the Company’s partners, clients, vendors, contractors, employees, regulators, law enforcement and other concerned stakeholders with a high-level overview of the Company’s AML/CTF compliance regime elements and procedures. By no means this document shall not be read as an entire set of all policies, procedures and controls in place implemented by the Company for prevention of money laundering, financing of terrorism and other forms of illicit activity.

This document and all underlying policies, processes and procedures are prepared in line with provisions, requirements and recommendations of:

  • FATF Guidance for a Risk-Based Approach to Virtual Assets and Virtual Assets Service Providers.

As a regulated business, AFIPAY is required to comply with the Money Laundering and Terrorist Financing Prevention Act and International Sanctions Act, which require AFIPAY to identify and verify its clients’ identities, conduct ongoing monitoring of their activity, including transaction monitoring, maintain records of clients’ activity and related documents for at least five years and report certain transactions to authorities.

The Company understands money laundering as:

  • the conversion or transfer of property, knowing that such property is derived from criminal activity or from an act of participation in such activity, for the purpose of concealing or disguising the illicit origin of the property or of assisting any person who is involved in the commission of such an activity to evade the legal consequences of that person’s action;
  • the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, or ownership of, property, knowing that such property is derived from criminal activity or from an act of participation in such an activity;
  • the acquisition, possession or use of property, knowing, at the time of receipt, that such property was derived from criminal activity or from an act of participation in such an activity;
  • participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the actions referred to in points (a), (b) and (c).

Terrorist financing provides funds for terrorist activity. Terrorist activity has as its main objective to intimidate a population or compel a government to do something. This is done by intentionally killing, seriously harming or endangering a person, causing substantial property damage that is likely to seriously harm people or by seriously interfering with or disrupting essential services, facilities or systems.

Risk-Based Approach and Risk Assessment

AFIPAY will perform a risk-based due diligence and collect information and documentation on each prospective client in order to assess the risk profile associated. The Company’s employees will exercise care, due diligence and good judgement in determining the overall character and nature of all clients. AFIPAY conducts its business in accordance with the highest ethical standards and will not enter into business relationships with individuals or entities that may adversely affect Company’s reputation and compromise virtual currency industry.

For the purpose of identification, assessment and analysis of risks of money laundering and terrorist financing related to its activities, the Company prepares a risk assessment, taking account of the following categories:

  • Customer risk;
  • Geographical risk;
  • Product risk; and
  • Delivery channel risk.

After the risk assessed and attributed to a particular customer, depending on degree of risk, it should be revised periodically upon knowledge of the customer and its activity.

Compliance Officer

The duties of a Compliance Officer include, inter alia:

  • organisation of the collection and analysis of information referring to unusual transactions or transactions or circumstances suspected of money laundering or terrorist financing, which have become evident in the activities of the Company;
  • reporting to the Polish Financial Supervision Authority (KNF) in the event of suspicion of money laundering or terrorist financing; periodic submission of written statements on compliance with the requirements arising from the Act to the management board of the Company;
  • performance of other duties and obligations related to compliance with the requirements of the Act.

Rules of Procedure and Internal Control Rules

The Company has developed and implemented rules of procedure that allow for effective mitigation and management of risks relating to money laundering and terrorist financing, which are identified in the risk assessment performed in accordance with the Company’s risk-based approach described above.

Each employee of the Company should strictly adhere to rules of procedure set forth herein.

The rules of procedure consist of the following:

  • - a procedure for the application of due diligence measures regarding a customer, including a procedure for the application of simplified and enhanced due diligence measures;
  • - a model for identification and management of risks relating to a customer and its activities and the determination of the customer’s risk profile;
  • - the methodology and instructions where the Company has a suspicion of money laundering and terrorist financing or an unusual transaction or circumstance is involved as well as instructions for performing the reporting obligation;
  • - the procedure for data retention and making data available; instructions for effectively identifying whether a person is a politically exposed person or a local politically exposed person subject to international sanctions.

The Company applies the following due diligence measures:

  • - identification of a customer and verification of the submitted information based on information obtained from a reliable and independent source, including using means of electronic identification and of trust services for electronic transactions;
  • - identification of the beneficial owner and, for the purpose of verifying their identity, taking measures to the extent that allows the Company to make certain that it knows who the beneficial owner is, and understands the ownership and control structure of the customer;
  • - understanding of business relationships, and, where relevant, gathering information thereon;
  • - gathering information on whether a person is a politically exposed person, their family member or a person known to be close associate; monitoring of a business relationship.

Simplified Due Diligence

The Company may apply simplified due diligence (“SDD“) measures where a risk assessment prepared on the basis of these rules of procedure identifies that, in the case of the economic or professional activity, field or circumstances, the risk of money laundering or terrorist financing is lower than usual.

Before the application of SDD measures to a customer, an employee of the Company establishes that the business relationship, transaction or act is of a lower risk and the Company attributes to the transaction, act or customer a lower degree of risk.

The application of SDD measures is permitted to the extent that the Company ensures sufficient monitoring of transactions, acts and business relationships, so that it would be possible to identify unusual transactions and allow for notifying of suspicious transactions in accordance with these rules of procedure.

Enhanced Due Diligence

The Company applies enhanced due diligence (“EDD“) measures in order to adequately manage and mitigate a higher-than-usual risk of money laundering and terrorist financing.

EDD measures are applied always when:

  • - upon identification of a person or verification of submitted information, there are doubts as to the truthfulness of the submitted data, authenticity of the documents or identification of the beneficial owner;
  • - the customer is a politically exposed person, except for a local politically exposed person, their family member or a close associate;
  • - the customer is from a high-risk third country or their place of residence or seat in a high-risk third country;
  • - the customer is from such country or territory that, according to credible sources such as mutual evaluations, reports or published follow-up reports, has not established effective AML/CTF systems that are in accordance with the recommendations of the Financial Action Task Force, or that is considered a low tax rate territory.

The Company applies EDD measures also where a risk assessment prepared on the basis of these rules identifies that, in the case of the economic or professional activity, field or factors, the risk of money laundering or terrorist financing is higher than usual.

PEP Definition and Screening

Politically Exposed Persons (“PEP“) (as well as their families and persons known to be close associates, as described below) are required to be subject to enhanced scrutiny by reporting entities. This is because international standards issued by the Financial Action Task Force recognize that a PEP may be in a position to abuse their public office for private gain and a PEP may use the financial system to launder the proceeds of this abuse of office.

PEP means a natural person who is or who has been entrusted with prominent public functions including:

  • head of State;
  • head of government;
  • minister and deputy or assistant minister;
  • a member of parliament or of a similar legislative body;
  • a member of a governing body of a political party;
  • a member of a supreme court;
  • a member of a court of auditors or of the board of a central bank;
  • an ambassador, a chargé d’affaires and a high-ranking officer in the armed forces;
  • a member of an administrative, management or supervisory body of a State-owned enterprise;
  • a director, deputy director and member of the board or equivalent function of an international organisation,

PEPs do not include middle-ranking or more junior officials.

Family member of a PEP means the spouse, or a person considered to be equivalent to a spouse, of a PEP or local PEP; a child and their spouse, or a person considered to be equivalent to a spouse, of a PEP or local PEP; a parent of a PEP or local PEP.

Person known to be close associate of a PEP means a natural person who is known to be the beneficial owner or to have joint beneficial ownership of a legal person or a legal arrangement, or any other close business relations, with a PEP or a local PEP; and a natural person who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the de facto benefit of a PEP or local PEP.

Sanctions Screening

Dealing with persons against which imposed international sanctions poses a great risk to the Company, its directors, officers and owners.

The Company will perform sanction screening of its customers on the same matching rules, as for PEP screening.

The Company will perform screening, at minimum, against the following sanctions lists:

  • UN Sanctions;
  • EU Sanctions;
  • Sanctions administered by the Office of Financial Sanctions Implementation (“OFSI-UK”)
  • Sanctions administered by the Office of Foreign Assets Control (“OFAC-US“);
  • Sanctions imposed under the International Sanction Act.

All matches (true hits) will be escalated to a Compliance Officer for further action and processing.

Suspicious Activity Monitoring and Reporting

Where the Company identifies an activity or facts whose characteristics refer to the use of criminal proceeds or terrorist financing or other criminal offences or an attempt thereof or with regard to which the Company suspects or knows that it constitutes money laundering or terrorist financing or the commission of another criminal offence, a Compliance Officer of the Company must report it to the KNF immediately, but not later than within two working days after identifying the activity or facts or after getting the suspicion.

The Company and all its employees, officers and directors are prohibited to inform a person, its beneficial owner, representative or third party about a report submitted on them to the KNF, an intention to submit such a report as well as about the commencement of criminal proceedings.

Data Retention

The Company must retain the documents and information which served for identification and verification of clients, no less than five years after termination of the business relationship.

The Company implements necessary rules for protection of personal data upon application of the requirements arising from its obligations hereunder.

The Company is allowed to process personal data gathered upon implementation of these rules only for the purpose of preventing money laundering and terrorist financing and the data must not be additionally processed in a manner that does not meet the purpose, for instance, for marketing purposes.

Training

The Compliance Officer shall ensure that Company’s employees are fully aware of their legal obligations under the AML/CTF regime, by introducing a complete employees’ education and training program.

The timing and content of the training provided is determined according to the needs of the Company. The frequency of the training can vary depending on to the amendments of legal and/or regulatory requirements, employees’ duties as well as any other changes in the business model. The training program aims at educating the Company’s employees on the latest developments in the prevention of money laundering and terrorist financing, including the practical methods and trends used for this purpose.

Cooperation and Exchange of Information

The Company cooperates with supervisory and law enforcement authorities in preventing money laundering and terrorist financing, thereby communicating information available to the Company and replying to queries within a reasonable time, following the duties, obligations and restrictions arising from legislation. For any relevant requests please contact us at [email protected]. Please note that in case you represent the law enforcement agency outside of the European Union, procedure under the Mutual Legal Assistance Treaty (MLAT) may apply.

Both international and local regulations require AFIPAY to implement effective internal procedures and mechanisms to prevent money laundering, terrorist financing, drug and human trafficking, proliferation of weapons of mass destruction, corruption and bribery and to take action in case of any form of suspicious activity from its Users.

KYC Policy covers the following matters:

  • Verification procedures.
  • Monitoring Transactions.
  • Risk Assessment.

1. Verification procedures

One of the international standards for preventing illegal activity is customer due diligence (“CDD”). According to CDD, AFIPAY establishes its own verification procedures within the standards of anti-money laundering and “Know Your Customer” frameworks.

1.1. Identity verification

AFIPAY’s identity verification procedure requires the User to provide AFIPAY with reliable, independent source documents, data or information (e.g., national ID, international passport, bank statement, utility bill). For such purposes AFIPAY reserves the right to collect User’s identification information for the AML/KYC Policy purposes.

AFIPAY will take steps to confirm the authenticity of documents and information provided by the Users. All legal methods for double-checking identification information will be used and AFIPAY reserves the right to investigate certain Users who have been determined to be risky or suspicious.

AFIPAY reserves the right to verify User’s identity in an on-going basis, especially when their identification information has been changed or their activity seemed to be suspicious (unusual for the particular User). In addition, AFIPAY reserves the right to request up-to-date documents from the Users, even though they have passed identity verification in the past.

User’s identification information will be collected, stored, shared and protected strictly in accordance with the AFIPAY’s Privacy Policy and related regulations.

Once the User’s identity has been verified, AFIPAY is able to remove itself from potential legal liability in a situation where its Services are used to conduct illegal activity.

1.2. Card verification

The Users who are intended to use payment cards in connection with the AFIPAY’s Services have to pass card verification in accordance with instructions available on the AFIPAY’s Site.

2. Monitoring Transactions

The Users are known not only by verifying their identity (who they are) but, more importantly, by analyzing their transactional patterns (what they do). Therefore, AFIPAY relies on data analysis as a risk-assessment and suspicion detection tool. AFIPAY performs a variety of compliance-related tasks, including capturing data, filtering, record-keeping, investigation management, and reporting. System functionalities include:

  • 1) Daily check of Users against recognized “black lists” (e.g. OFAC), aggregating transfers by multiple data points, placing Users on watch and service denial lists, opening cases for investigation where needed, sending internal communications and filling out statutory reports, if applicable;
  • 2) Case and document management.

With regard to the AML/KYC Policy, AFIPAY will monitor all transactions and it reserves the right to:

  • ensure that transactions of suspicious nature are reported to the proper law enforcement through the Compliance Officer;
  • request the User to provide any additional information and documents in case of suspicious transactions;
  • suspend or terminate User’s Account when AFIPAY has reasonably suspicion that such User engaged in illegal activity.

The above list is not exhaustive and the Compliance Officer will monitor Users’ transactions on a day-to-day basis in order to define whether such transactions are to be reported and treated as suspicious or are to be treated as bona fide.

4. Risk Assessment

AFIPAY, in line with the international requirements, has adopted a risk-based approach to combating money laundering and terrorist financing. By adopting a risk-based approach, AFIPAY is able to ensure that measures to prevent or mitigate money laundering and terrorist financing are commensurate to the identified risks. This will allow resources to be allocated in the most efficient ways. The principle is that resources should be directed in accordance with priorities so that the greatest risks receive the highest attention.

company

AboutSolutionsBacome a partner

help

Terms of UsePrivacy PolicyHelp CenterContact UsDocumentation

Unlock a World of Limitless Opportunities with AFIPAY – Build the Payment Solution Your Customers Need. Today.

Book a Callarrow right

©2025 AFIPAY. All Rights Reserved.