AML

1. 1. ANTI-MONEY LAUNDERING & COUNTERING TERRORIST FINANCING (AML/CFT) POLICY AND PROCEDURE

   It is the policy of Paypear that all members of staff at all levels actively participate in preventing the services of the firm from being exploited by criminals and terrorists for money laundering purposes. This participation has its objectives as:

   • • Complying with all Anti - Money Laundering Act & Regulations of the jurisdictions;
   • • Requiring all Employees to prevent, detect and report to the AML Control officer all potential instances in which Paypear or its Employees, its facilities or its activities have been or are about to be used for money laundering, terrorist financing and other illegal activity;
   • • Providing for a Money Laundering Control Officer who shall ensure adherence to the Paypear AML & CFT Policies and Procedures;
   • • Requiring all appropriate employees to attend anti-money laundering training sessions, so that all employees are aware of their responsibilities under Paypear policies and procedures; these Guidelines and as affected by current developments with respect to anti-money laundering legislations;
   • • Protecting the firm and all its staff as individuals from the risks associated with breaches of the law, regulations, and supervisory requirements;
   • • Preserving the good name of the firm against the risk of reputational damage presented by implication in money laundering and terrorist financing activities.

   It shall be the policy of Paypear that:

   • • Every member of staff shall meet their personal obligations as appropriate to their role and position in the firm.
   • • Neither commercial considerations nor a sense of loyalty to clients shall be permitted to take precedence over the firm’s anti-money laundering commitment.
   • • The firm shall carry out a business-wide assessment of the risks of money laundering and terrorist financing to which the firm is subject and design and implement appropriate controls to mitigate and manage effectively the risks identified.
   • • The firm shall establish and maintain documented, proportionate policies and procedures, including controls, which outline the positive actions to be taken by staff to prevent money laundering and terrorist financing in the course of their work.

2. 2. CLIENT IDENTIFICATION AND SCREENING POLICY

   All reasonable and practical measures are taken to confirm the clients’ identities and to verify that any third party upon whom Paypear relies for client identification, such as a bank and other financial intermediary, or any other third party adheres to the same standards.

   Paypear has the full right and authority to terminate and close an account with immediate effect and without prior notice to the User.

   1. 2.1. GENERAL PROCEDURE IN CLIENT IDENTIFICATION

      • 2.1.1. These Client Identification Procedures are based on the premise that the Paypear will accept funds from a new and existing Client only after:

        • • Paypear has confirmed the client’s identity and that the client is acting as a principal and not for the benefit of any third party unless specific disclosure to that effect is made; or
        • • If the client is acting on behalf of others, Paypear has confirmed the identities of the underlying third parties.
      • 2.1.2. The Client Identification Procedures should be reviewed in light of the specific characteristics presented by a client and in any instance determine to apply Enhanced Due Diligence (EDD) measures for any other justifiable reasons.
      • 2.1.3. As a reference tool, an Individual Client KYC Checklist is used.
      • 2.1.4. The member of staff conducting verification of identity will complete the process by checking that the client is not the subject of sanctions or other statutory measures, using the screening methods.
      • 2.1.5. Paypear will maintain a list of acceptable documents or information obtained from a reliable source which is independent of the client.
      • 2.1.6. In all cases assessed as presenting a higher money laundering risk, where enhanced client due diligence is required, the Company will decide on additional steps to verify the client’s identity.
      • 2.1.7. All verification of identity processes as well as actions taken to verify the identity of corporate entities will be recorded. This will include keeping photocopies of documents produced, or in exceptional cases with the approval of the Managing Partner, recording information about where copies are held and can be obtained.

   2. 2.2. SCREENING POLICY

      Paypear is prohibited from transactions with individuals, companies and countries that are on prescribed sanctions lists and thus screens its users against United Nations, European Union, UK Treasury and US Office of Foreign Assets Control (OFAC) and other sanction lists.

      • • Office of Foreign Assets Control Specially Designated Nationals List, the list prepared by the Treasury of the USA (OFAC SDN) - hmp://www.treas.gov/offices/ enforcement/ofac/sdn/sdnlist.txt

      • • EU Sanctions List, The warning list prepared by the European Union - hmp://ec.europa.eu/external_relaSons/cfsp/sancSons/list/version4/global/e_ct lview.htm

      • • US Sanctions lists - hmps://www.treasury.gov/resource-center/sancSons/Pages/default.aspx

      • • UN Sanctions lists - hmps://www.un.org/sc/suborg/

      • • FATF high risk and non-cooperative jurisdictions list - https://www.fatf-gafi.org/en/publications/high-riskandnon-cooperati.html

3. 3. RISK ASSESSMENT PROCEDURES

   It is the policy of the firm to identify and assess the money laundering and terrorist financing risks represented by the business the firm conducts so that the firm can mitigate that risk by applying appropriate levels of client due diligence.

   Paypear keeps the risk categorization confidential and can change the categorization of any User at any time given various factors. While the Users are not entitled in any way to seek disclosure.

   1. 3.1. GENERAL RISK PROCEDURE

      • 3.1.1. The firm shall assess the money laundering risk represented by our clients and the business conducted according to three levels:

        • 1. the range normally dealt with by the firm, requiring the firm’s normal level of client due diligence;
        • 2. an exceptionally high level of risk requiring an enhanced level of client due diligence;
        • 3. a negligible level of risk requiring only simplified or reduced due diligence measures.
      • 3.1.2. The firm shall identify and maintain lists of risk factors (including those required by the Regulations) relating to our clients, products or services, transactions, delivery channels and geographic areas of operation.
      • 3.1.3. The firm shall update the risk assessment annually to ensure new and emerging risks are addressed, and new information supplied by our regulatory authority is reflected.

      • 3.1.4. The money laundering or terrorist financing risk represented by each client will be assessed:

        • • during the new client acceptance process and/or during client continuance process for continuing clients;
        • • whenever the firm’s process of ongoing monitoring indicates that a change in the business or operating environment of an established client may represent a change in money laundering risk.

      • 3.1.5. Client risk assessment shall be carried out by the responsible staff who will determine appropriate due diligence measures in respect of each client based on:

        • • the firm’s business-wide risk assessment;
        • • assessment of the level of risk arising in any particular case.
      • 3.1.6. A record must be made of the assessment of individual client relationships, confirming that the firm’s business-wide risk assessment has been taken into account, and any other relevant factors considered.

      • 3.1.7. The following are the examples of clients who pose a high money laundering risk:

        • • A Political figure, any member of a Political Figure’s Immediate Family, and any Close Associate of a Senior Political Figure;
        • • Any client resident in, or organized or incorporated under the laws of, a Non-Cooperative Jurisdiction; and/or high risk countries.
        • • Any client who gives any reason to believe that its funds originate from, or are routed through, an account maintained at an “offshore bank”, or a bank organized or chartered under the laws of a Non- Cooperative Jurisdiction; and
        • • Any client who gives any reason to believe that the source of its funds may not be legitimate or may aid terrorist activities.
      • 2.1.6. In all cases assessed as presenting a higher money laundering risk, where enhanced client due diligence is required, the Company will decide on additional steps to verify the client’s identity.
      • 2.1.7. All verification of identity processes as well as actions taken to verify the identity of corporate entities will be recorded. This will include keeping photocopies of documents produced, or in exceptional cases with the approval of the Managing Partner, recording information about where copies are held and can be obtained.

   2. 3.2. RISK FACTORS

      • 3.2.1. HIGH RISK FACTORS

        • Customer high risk factors, including whether:

          • (a) the business relationship is conducted in unusual circumstances;
          • (b) the customer is resident in a geographical area of high risk (see below);
          • (c) the customer is a legal person or legal arrangement that is a vehicle for holding personal assets;
          • (d) the customer is a company that has nominee shareholders or shares in bearer form;
          • (e) the customer is a business that is cash intensive;
          • (f) the corporate structure of the customer is unusual or excessively complex given the nature of the company’s business;

        • Product, service, transaction, or delivery channel risk factors, including whether:

          • (a) the product involves private banking;
          • (b) the product or transaction is one which might favour anonymity;
          • (c) the situation involves non-face-to-face business relationships or transactions, without certain safeguards, such as electronic signatures;
          • (d) payments will be received from unknown or unassociated third parties;
          • (e) new products and new business practices are involved, including new delivery mechanisms, and the use of new or developing technologies for both new and pre-existing products;
          • (f) the service involves the provision of nominee directors, nominee shareholders or shadow directors, or the formation of companies in a third country;

        • Geographical risk factors, including:

          • (a) countries identified by credible sources, such as mutual evaluations, detailed assessment reports or published follow-up reports, as not having effective systems to counter money laundering or terrorist financing;
          • (b) countries identified by credible sources as having significant levels of corruption or other criminal activity, such as terrorism, money laundering, and the production and supply of illicit drugs;
          • (c) countries subject to sanctions, embargos or similar measures issued by, for example, the African Union, European Union or the United Nations;
          • (d) countries providing funding or support for terrorism;
          • (e) countries that have organisations operating within their territory which have been designated by the government of Uganda as proscribed organizations under the second Schedule to the Anti-Terrorism Act 2002;
          • (f) countries identified by credible sources, such as evaluations, detailed assessment reports or published follow-up reports published by the Financial Action Task Force, the International Monetary Fund, the World Bank, the Organization for Economic Co-operation and Development or other international bodies or non-governmental organisations as not implementing requirements to counter money laundering and terrorist financing that are consistent with the recommendations published by the Financial Action Task Force in February 2012 and updated in October 2016.

      • 3.2.2. LOW RISK FACTORS

        • Customer risk factors, including whether the customer:

          • (a) is a public administration, or a publicly owned enterprise;
          • (b) is an individual resident in a geographical area of lower risk(see sub section below);
          • (c) is an institution required to oblige by provisions of the AML Act;
          • (d) is a company whose securities are listed on a regulated market, and the location of the regulated market;

        • Product, service, transaction or delivery channel risk factors, including whether the product or service is:

          • (a) a life insurance policy for which the premium is low;
          • (b) an insurance policy for a pension scheme which does not provide for an early surrender option, and cannot be used as collateral;

          • (c) a pension, superannuation or similar scheme which satisfies the following conditions—

            • • the scheme provides retirement benefits to employees;
            • • contributions to the scheme are made by way of deductions from wages; and
            • • the scheme rules do not permit the assignment of a member’s interest under the scheme;

        • Geographical risk factors, including whether the country where the customer is resident, established or registered or in which it operates is:

          • (a) an EAC member state;
          • (b) a third country which has effective systems to counter money laundering and terrorist financing;
          • (c) a third country identified by credible sources as having a low level of corruption or other criminal activity, such as terrorism, money laundering, and the production and supply of illicit drugs;

          • (d) a third country which, on the basis of credible sources, such as evaluations, detailed assessment reports or published follow-up reports published by the Financial Action Task Force, the International Monetary Fund, the World Bank, the Organisation for Economic Co-operation and Development or other international bodies or nongovernmental organisations:

            • • has requirements to counter money laundering and terrorist financing that are consistent with the revised Recommendations published by the Financial Action Task Force in February 2012 and updated in October 2016; and
            • • effectively implements those Recommendations.

4. 4. INTERNAL REPORTING PROCEDURES

   1. 4.1. REPORTING OF SUSPICIOUS TRANSACTIONS

      It is the policy of this firm that every member of staff shall remain alert for the possibility of money laundering, and shall pay attention to and report all complex, unusual or large transactions, whether completed or not, and to all unusual patterns of transaction which have no apparent economic or lawful purpose and every suspicion for which they believe there are reasonable grounds, following the firm’s procedure.

      A member of staff becoming aware of a possible suspicion shall gather relevant information that is routinely available to them and decide whether there are reasonable grounds to suspect money laundering. Any additional information acquired, in particular any explanations for unusual instructions or transactions, should be recorded on the client file in the routine manner, but no mention of suspected money laundering is to be recorded in any client file.

      A member of staff who forms or is aware of a suspicion of money laundering shall not discuss it with any outside party, or any other member of staff unless directly involved in the matter causing suspicion.

      No member of staff shall at any time disclose a money laundering suspicion to the person suspected, whether a client, or to any outside party.

   2. 4.2. ONGOING MONITORING OF CLIENT ACTIVITIES

      It is the policy of this firm to put in place policies, controls and procedures for monitoring the implementation of policies, controls and procedures to address the risks relating to money laundering and terrorism financing, and where necessary, enhance them on a regular basis.

      All staff will maintain alertness for clients’ instructions and transactions which represent a significant divergence. The involvement of unexpected jurisdictions or organisations will be checked for possible alerts or sanctions. Irrespective of whether specific incidents have caused a re-assessment of money laundering risk, every client file will be reviewed periodically to check that:

      • • the information held is still adequate, correct and up to date;
      • • the level of client due diligence being applied is still appropriate.

      Periodic review of client files will be conducted at the following intervals:

      • • for high-risk clients – every six months;
      • • for all other clients – annually.

      As part of their improvement efforts the firm shall monitor publicly-available information on best practice in dealing with Money Laundering and Terrorist Financing risks.

   3. 4.3. RECORDS OF CLIENT DUE DILIGENCE

      It is the policy of this firm to ensure that principles of customer due diligence are adhered to at the start of a new business relationship; to establish and maintain systems to keep records of enquiries made and information obtained while exercising client due diligence for AML purposes, and to ensure that these records are retrievable as required for legal and regulatory stipulations.

      The firm shall provide new clients with the statement prior to establishing a business relationship that any personal data received from the client will be processed only for the purposes of preventing money laundering and terrorist financing.

      For clients who have been the subject of a suspicion, relevant records will be retained separately from the firm’s routine archives, and not destroyed, even after the ten year period has elapsed.

   4. 4.4. FORMAL DISCLOSURE

      It is the policy of this firm that responsible person shall receive and evaluate internal suspicion reports and decide whether a formal disclosure is to be made to the authorities. If so deciding, the responsible person will make the formal disclosure on behalf of the firm, using the appropriate mechanism.

      On receipt of a money laundering suspicion report from a member of staff, the firm shall acknowledge its receipt in writing, referring to the report by its date and unique file number, without including the name of the person(s) suspected. This confirms to the member of staff that their legal obligation to report has been fulfilled.

      The Firm shall inform all those, and only those, members of staff who need to be aware of the suspicion in order to protect them and the firm from possible money laundering offences in connection with any related business.

      Following a formal disclosure, the responsible person shall take such actions as required by the authorities in connection with the disclosure.

   5. 4.5. WITHDRAW FROM THE CLIENT RELATIONSHIP

      It is the policy of this firm that from the moment a suspicion of money laundering arises, no further work will be carried out on the matter that gave rise to the suspicion. Neither commercial considerations nor the difficulty in responding to the client’s enquiries on the matter shall be permitted to take precedence over the firm’s legal obligations in this regard.

      As soon as a member of staff forms or becomes aware of a suspicion of money laundering, no further work is to be done on the matter giving rise to suspicion.

      If there is any likelihood of the client becoming aware that work has stopped, for example because an anticipated transaction has not gone through, the member of staff concerned must contact the responsible person for instructions on how to handle the matter with the client.

      When work for a client has been stopped, the responsible person shall carry out the evaluation of the suspicion report as quickly as possible to decide whether a disclosure must be made to the authorities or not.

5. 5. PROCEDURE FOR THE MANUAL MODIFICATION

   This AML/CTF Policy may be periodically reviewed and revised to keep it updated with the amendments in laws and regulations and also accommodate best practices.

   A regular review of the program should be undertaken to ensure that it is functioning as designed. Such a review could be performed by external or internal resources and should be accompanied by a formal assessment or written report.

   If and when regulations are amended concerning reporting of suspicious activities, the firm will amend this Manual to comply with those regulations.