AML and KYC on BlaBla.Money digital currency exchange service
The AML/KYC system is one of the important components of increased security support for the work of clients on the BlaBla.Money cryptocurrency exchange service . The primary goals are to identify and eliminate possible violations by users, to find suspicious and criminal actions in the exchange of electronic assets. Often the goal of attackers is money laundering or financing of prohibited organizations. The basis of the AML system is the verification of the identity of the clients of the service (both during registration and after, which increases the level of security during operation). The policy direction under consideration is managed by international organizations that have blacklists of violators, thanks to which suspicious elements can be quickly found.
AML/KYC policy terminology
AML / KYC is a mandatory measure used to control and monitor internal transfers, as well as to prevent and detect violations. There are a number of terms used to correctly understand the implementation of procedures:
- The company is a service that deals with the exchange of digital currencies.
- User - a person using the services of the Company.
- Money laundering is the provision of incorrect information about the source, location, purpose of the use of finance, as well as the transfer of illegally obtained money to other accounts.
- Financing of terrorism - the allocation of funds for the activities of terrorist organizations.
- International sanctions are restrictions that are adopted by many organizations in the world for certain individuals.
- A PEP is a person who has significant political influence.
- AML / KYC is the company"s policy, which also includes measures aimed at determining the facts of obtaining illegal income.
The policy in question is often used to investigate the actions performed by the user, investigate internal incidents in the company, and also search for suspicious situations. It fully complies with international security standards. An AML strategy makes it possible to increase the level of internal security. The set of measures is aimed at working out suspicious cases with transfers that are directly related to economic crimes and money laundering. Additionally, various financial transactions and transfers can be checked if they are non-standard and have no economic justification. This can often be seen in the deviation of user actions from the standard algorithm.
The main measures implemented within the framework of the AML / KYC policy are based on the laws that currently exist. The administration of the service is guided by the law in all types of checks, which also applies to suspicious transactions, non-standard client activity, etc. The management monitors the updating of laws and promptly responds to such changes, which are especially important for the financial sector.
BlaBla.Money employs highly qualified specialists. They have the authority to conduct checks, stop transfers if they are suspicious, and perform other operations as part of the implementation of the AML / KYC policy. Service personnel act in accordance with the existing safety instructions. To maintain a high level of qualification, employees undergo additional training, briefings and monitor updates in the area of activity in question. This helps to increase the level of customer confidence in the work of the company.
Identification of the identity of customers and establishing communication with them
The main direction in providing security for the BlaBla.Money cryptocurrency exchange service is the international AML / KYC policy, as this is one of the most developed and complex of the existing ones at the moment. It helps to secure the service when registering customers, as well as when monitoring user transfers. Collaboration with customers is direct. Users cannot work on their own behalf and represent the interests of other persons. All transactions are carried out exclusively on their own behalf. It is for this reason that the identification procedure is mandatory for everyone. All users must provide documentation to verify identity, location, and other important identification factors.
To complete the registration procedure, you may need:
- international passport;
- driver license;
- bank card;
- photo of a client with a bank card.
The documents must contain the following information:
- FULL NAME;
- an identification number;
- Date of Birth;
- series and document number;
- information about the authority that issued the document;
- residential address;
- registration address;
- Contact details.
In addition, there are additional documents that may be required during inspections. These include:
- for residents of the country where the organization is located - a passport (internal or foreign), a driver"s license and confirmation of a residence permit;
- for non-residents - a foreign passport, where there is information about entering the country;
- documents with data on the place of residence and registration, which are valid for up to six months (utility bills, bank statements, other documents with an address).
Legal entities during registration must submit the following list of documents:
- extract from the commercial register;
- Company name;
- registration number;
- date of registration;
- information about the representative and founders;
- Contact Information.
People who interact with the company must provide documents to identify their identity.
Forecasting and Risk Research
Activities in the electronic field, aimed at the exchange of cryptocurrencies, have a number of significant risks. The main one is money laundering, which can also be associated with the financing of terrorist organizations, as well as other illegal and anti-social groups.
To ensure a sufficiently high level of control over risks, company employees conduct an analysis of the characteristics, thanks to which it is possible to immediately weed out suspicious users that pose a risk to the organization:
- geographic location;
- the risk of working with a specific client;
- user transfers, money transactions and other activities.
The geographic risks associated with the location have their own characteristics. When studying them, the specialists of the organization pay a lot of attention to such places:
- the area of influence of the EU and the UN, in which the sectional restrictions provided for by these organizations apply;
- states that do not control compliance with the rules related to ensuring financial security, money laundering, etc.;
- countries that support and finance terrorist organizations;
- countries with a high level of corruption.
A fairly large risk in cooperation with a client can be in this case:
- the client is a PEP;
- his family members are PEPs;
- partners and associates of the user are PEPs;
- the client is on the black list of the UN, EU or other international organizations;
- the user committed economic crimes.
During the execution of operations on the site, the risks include the following situations:
- the user account was used to perform financial transactions by third parties;
- financial activities are carried out without an appropriate economic justification;
- intentional concealment of persons participating in the exchange of funds was carried out;
- funds were transferred to one account from different accounts and sources;
- the client"s account receives funds in non-standard amounts, as well as from suspicious sources.
Accordingly, if the site administration finds any of the risk factors in the activities of its customers, this will become a justified reason for implementing additional actions for identity verification and transfers.
A company that provides cryptocurrency exchange services may refuse to provide services to people living in countries and certain regions where there is a high risk of economic crime. If a legal or natural person is under international sanctions, then he will be granted registration. Quite a lot of attention on the part of the administration is given to persons who are associated with PEP or are such. Also, persons who are suspected of money laundering, sponsoring terrorist organizations and other economic crimes will not be able to register.
Risks of this kind are associated with the use of computers and IT in this area. The main ones include:
- transfer of information;
- deliberate transmission of false information;
- the spread of viruses;
- hacker attacks.
To reduce the likelihood of digital hazards, the organization"s specialists use only licensed software in their activities, which is updated. External media are not connected to the equipment used in the company, which also helps to achieve a certain level of security. No one will be able to write to media information that is stored on the devices of the organization.
In order to reduce the risk of knowingly receiving false information from users, all personal information is verified in several stages. Clients submit a set of agreed-upon documents with high-resolution photographs that are clear enough to examine the data.
Service systems are well protected from cyber attacks. To do this, employees constantly monitor the transfers, track suspicious user actions. In addition to this, software and anti-virus programs are being updated. Employees regularly attend advanced training courses, receive up-to-date updates of information that contribute to the efficient operation of the organization.
In order to prevent the facts of violation of the rules, money laundering, allocation of money for the activities of terrorist organizations, the company conducts regular checks in which it considers personal data and other information about the user. All this information is used for internal purposes only and is not shared with third parties. If violations are found, they will be reported to law enforcement agencies. Personal data can only be transferred by court order or at the request of law enforcement agencies.
Legal checks suggest that the following will be checked:
- provided documentation;
- beneficiary of the transaction;
- business relations of the client;
- perfect transfers;
- sources of funds.
This kind of verification assumes that certain facts are checked, which are available for confirmation with the help of certain documents. If there are doubts that the data provided by the client is true, the original documents are examined.
The nuances of the AML / KYC policy suggest that it is possible to confirm the identity of a particular client with sufficient accuracy. If he does not submit the documents necessary for this or sends them incomplete, then he will not be able to register. If it is possible to identify criminal intent in the transfer of incorrect information, then information about such a case will be transferred to law enforcement agencies.
Taking into account the rules existing in the AML / KYC policy, the client gets access to BlaBla.Money services, can use all the functionality and make electronic transfers. The AML / KYC policy is aimed at preventing and determining the facts of economic crimes, money laundering, and the allocation of funds for terrorist organizations. Identification of clients, both during their registration and after that, helps to create stable working conditions and an adequate level of security.