AML Policy
CalienteCasino.Games AML/CF PROCEDURES Version 2.0
Date updated: March 2023
Purpose of Document: To outline the Anti-fraud & AML policies and procedures to be followed for the detection and limitation of fraud & ML – CFT.
Security Class: Confidential
1. Introduction
Federal and state laws categories CalienteCasino.Games (the “Company”) as a “financial institution.” As such, the Company is subject to the Anti-Money Laundering rules of the Bank Secrecy Act. It is required to abide by the applicable legislation and guidance relating to the prevention of money laundering and funding of terrorism and is subject to the supervision of various regulatory and governmental entities.
2. Scope
The provisions in this Anti-Money Laundering Manual (this “Manual”) aim to reduce the possibility that the Company’s services could be used for criminal purposes or in violation of applicable laws and regulations.
This Manual outlines the Company’s policies with regard to the prevention of money laundering and funding of terrorism from the perspective of the legal frame work of the United States and nationally accepted regulations. Policies and procedures will be regularly reviewed to ensure that they continue to meet regulatory requirements and the changing risk environment as per the Company as far as applicable.
3. Compliance Officer
The President of Parcomm Inc. Is responsible for monitoring and enforcing compliance with this Manual and has the final responsibility for developing and executing mitigation actions if and when needed. The President is ultimately responsibel for compliane with all relevant laws, regulations, rules, and professional standards applicable to the Company with regard to AML.
The President is also responsible for the day-to-day execution of the risk management function.
4. Law, Regulations and Rules
The Code of Criminal Law (Penal Code) of US lays down the procedures for the prosecution of a money laundering offense as well as the measures for the confiscation of property upon a conviction of money laundering, measures for the freezing of assets when a person is charged with an offene of money laundering and measures for the issuance of an investigation and/or attachment order when a person is suspected of having committed an offence of money laundering.
NOIS (National On-Line Information Sharing) is applicable to entities which are offering the possibility to take part in offshore online gaming in or out of US which is not the case for the company. The NOIS prohibits subject persons from forming a business relationship or carrying out an occasional transaction with an applicant for business unless said subject person maintains the following measures and procedures established in relation to that business in accordance with the provisions of the NOIS:
• customer due diligence measures; • record-keeping procedures; and
• internal reporting procedures.
The Company is obliged to apply the above measures and procedures including the cases when entering into or undertaking non face-to-face relationships or transactions directly or indirectly through its affiliated group Company.
The Company is also obliged to ensure that employees are made aware of applicable AML/CFT legislation as well as the subject person’s policies and measures in this regard. Employees must undergo appropriate due diligence procedures prior to their engagement and are also expected to be provided with training regarding the recognition and handling of transactions carried out by, or on behalf of, any person who may have been, is, or appears to be engaged in money laundering or the funding of terrorism.
5. Policies, Procedures, and Controls
The Company operates a risk-based approach to developing and operating its systems and controls designed to prevent financial crime. The Company uses the following guidance as a base for its AML risk model:
• a clear statement of the culture and values adopted towards the prevention of financial crime;
• a commitment to ensuring that identity will be satisfactorily verified in all cases and in a risk-based manner, before applicants for business are accepted as clients;
• a commitment to ongoing customer due diligence throughout the business relationship;
• a commitment to ensuring that staff are trained and aware of the law, their legal obligations, and how to meet those obligations
• a clear allocation of roles, responsibilities and organizational structure, and recognition of the importance of staff promptly reporting their suspicions internally.
The procedures contained in this Manual reflect the Company’s AML Policy in general must be adhered to by all staff of the Company.
An AML business risk assessment overview will be maintained in order to allocate and track the components of the separate risk classifications. The Company categorizes overall AML risk into:
• Customer risk
• Product risk
• Interface risk
• Geographical risk
The purpose of the risk-assessment procedures is to enable the Company to be in a position to identify and assess the ML/FT risks that the subject person is or may become exposed to and thereby determine:
• Whether the application of enhanced due diligence is necessary;
• The point in time when the application of customer due diligence in accordance with the NOIS to existing customers is to be carried out; and
• Whether a customer presents a low risk of ML/FT for the purposes of delaying the performance of verification proceedings to after the commencement of a business relationship.
Risk assessment for the Company is carried out on at on-boarding stage (prior to engagement) and subsequently at periodic monthly intervals.
Customers of the Company are subject to risk-based initial and ongoing due diligence procedures.
Initial due diligence seeks to obtain the identity of the customer and verify the identity prior to the establishment of the business relationship. Information on the purpose and intended nature of the business relationship is also obtained, such that the Company is able to establish the business and risk profile of the customer and to accept or reject a client. Ongoing procedures ensure that the initial due diligence information remains up-to-date.
The risk-based approach to the prevention of financial crime is reflected in the Company’s approach to the operation and development of the systems and controls designed to minimize the risk of the Company being used for the purposes of financial crime. Risk is central to the development of the business, new products, development of product functionality or the operation in new markets.
Where a new service, customer group or new geography is addressed by the Company, the financial crime risk assessment will be updated during development/launch (to ensure that AML processes can support the new activities).
Financial crime risk assessments are undertaken on an ongoing basis, and in particular, applied when the business environment changes through, for example, development of new products or product features / functionality.
The results of the financial crime risk assessment will be used to support the development of appropriate systems and controls (policies and procedures) designed to minimize the risk that the Company could be used for the purposes of perpetuating a financial crime.
Internal controls focus on:
• Due diligence of clients, including levels of enhanced due diligence based on risk assessments of each customer;
• Assessing risks and setting out measures to mitigate the said risks; • Monitoring key risk factors for reassessing a specific customer’s risk;
• Financial crime systems and controls will continue to be developed over time in order to adequately address the changing risk environment.
Existing systems and controls will be reviewed and where necessary amended to reflect changes in assessed risk and identified vulnerabilities.
Monitoring controls
It is essential that the controls to manage and mitigate the identified risks are constantly monitored by the Company. This should be done so that in the event of a change in circumstances, which might mitigate or exacerbate a particular risk, the respective control is modified accordingly.
6. Know Your Customer (KYC)
Persons subject to Identification and Verification
Customers of the Company shall be subject to identification and verification procedures as stipulated below. As a general rule, customers shall not be allowed to play if they are not registered with the Company and if they do not hold a player account with the Company. Registration of customers shall be carried out in the way mentioned in the online Terms and Conditions.
The following information shall be requested from customers who opt to play for real money upon registration:
– Email address;
– Currency;
– Full legal name;
– Date of birth;
– Address;
– Country;
– Mobile number; and
-Age Verification. Customers who are not at least 18 years of age shall automatically not be allowed to register.
During this process, the Company will collect the following documentation from the customer in order to verify the customer’s identify:
- 1) A copy of Government Issued Photo ID (in some cases front and back depending on the doc)
- 2) A selfie of themselves holding the ID doc
- 3) A bank statement/Utility Bill
Upon providing all the registration details, customers are sent a validation link to their email address. Customers shall be required to validate their
account via this link for registration to be complete. Unless the validation link is accessed, customers shall not be able to log in to their account.
Deposits
The Company shall receive deposits from customers via one of the means outlined in the Terms and Conditions. The Company does not accept cash deposits and does not process cash withdrawal requests.
Withdrawals
No withdrawals shall be paid out in cash to any customer.
KYC – Account Screening – All new accounts are visually inspected for integrity of data, with suspicious accounts being suspended.
KYC – Simplified Due Diligence – A Simplified Due Diligence process will be the first stage of a risk based process. Newly opened accounts will not be permitted to withdraw funds until basic identification has been verified by one of the following methods:
– Submission of an identity document (ID card, passport, bank statements, utility bills, etc.); or
– Independent third party verification (if available).
Payment Gateway Stage – The payment gateway that will be used will be integrating Capture-Delay and Collaborative Anti-fraud functionality at the deposit stage. These three mechanisms will intertwine and provide the Company with the first layer of protection against fraudsters and chargebacks.
KYC- Follow-Up Due Diligence – The following actions by a customer will trigger the Standard Due Diligence process:
– An attempt to add a second card or card that is not in the name of account holder;
– An attempt to make a name change;
Enhanced due diligence is achieved by the following processes:
– Validation of documents: request copies of documents to validate name, address, date of birth and source of funds;
– Internal corroboration of user identity: this could emanate from a variety of sources from customer monitoring, other databases, gaming activity etc.
7. Ongoing Monitoring
Ongoing monitoring processes will focus on ensuring that due diligence information provided is updated and that documentation provided by customers is not expired.
A relevant person must conduct ongoing monitoring of a business relationship. “Ongoing monitoring” of a business relationship includes:
• transactions being undertaken are consistent with the subject person’s knowledge of the customer and of his business and risk profile, including, where necessary, the source of funds; and
• ensuring that the documents, data or information held by the subject person are kept up to date.
8. Training
Training will be designed to ensure that all relevant staff are made aware of the risk of the Company being used for the purposes of financial crime and the requirement to operate systems and controls to mitigate such risk and the requirement to report suspicious activity.
Relevant staff include the staff of the Company who handle or are managerially responsible for the handling of customer on-boarding and service provision.
The frequency of the provision of AML training will be determined using a risk-based approach, with those who may be at greatest risk from handling suspicious transactions, or who need to be kept up- to-date with changing vulnerabilities and trends, receiving training at more frequent intervals; relevant staff who are close to transaction processing activity are prioritized for training which may be more detailed in content than the training provided for other staff.
AML training will be delivered to relevant staff and will include the following elements:
1. Legal and regulatory obligations under United States law
2. Practical means of identifying unusual and suspicious transactions; and
3. Internal processes and advice on how to act when presented with suspicious activity
9. Reporting
Relevant staff will receive initial and periodic training to ensure that their reporting obligations, and the method of making an Internal STR, are understood as well as to assist them to recognize suspicious activity. Typologies are maintained and will be used as part of the training provided.
Records relating to both Internal and External STRs are kept in accordance with Company record- keeping procedures. External STRs are kept for a minimum period of 5 years.
As regards external reporting, where an employee or representiativer of the Company knows, suspects or has reasonable grounds to suspect that a transaction may be related to money laundering or the funding of terrorism, or that a person may have been, is or may be connected with money laundering or the funding of terrorism, or that money laundering or the funding of terrorism has been, is being or may be committed or attempted, that subject person shall, as soon as possible, disclose that information, supported by the relevant identification and other documentation, to the President of the Company.
10. Record-Keeping Procedures
Company records which are relevant to this Manual may be kept in any of the following forms:
• in physical files;
• in scanned form;
• in computerized or electronic form.
The employees or represenatives of the Company who are maintaining the records should use a standardized approach to record keeping and must ensure that the approach used enables the quick retrieval of records.
Records may be held in paper based and/or electronic form and may be stored by the Company. The Company will ensure that all AML records are retrievable without undue delay.
Records must be kept for a minimum of 5 years (may be extended to 10 years).