Anti-Money Laundering (AML)
and Counter-Terrorism Financing (CTF) policy
CONTENT
Section 1. General information
- Introduction
- Legal and Regulatory Compliance
- Key Definitions
Section 2. Compliance
- Role and Responsibilities - Director(s)/Senior Management
- Role and Responsibilities - Compliance Officer
- General overview related to AUSTRAC Reporting
- Risk Assessment
- Suspicious Matter Reporting
- Risk Awareness Training
- Know Your Transaction
- Fiat Transaction Monitoring
Section 3. Customer Due Diligence (CDD)
- General information about CDD
- Initial Customer ML/TF Risk Assessment
- Enhanced Customer Due Diligence (ECDD)
- Politically Exposed Persons (PEPs)
- CDD for Individual
- Companies’ DD Procedure
Section 4. Final Provisions
- Policy Review Process
- Adopting and amending this Policy
Section 1. General information
1. Introduction
Purpose
This Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) policy outlines the measures and procedures implemented by CoinsAU (the “Company” or “we”) to prevent and detect activities associated with money laundering and terrorism financing. The company has implemented this Policy to fulfill its responsibilities under the Act and Rules as a company providing designated services. The Director(s) and Senior Management have officially approved and adopted this Policy.
This policy applies to all employees, contractors, and users of CoinsAU involved in cryptocurrency trading and related activities.
2. Legal and Regulatory Compliance
Australian Legislation
CoinsAU is committed to complying with the relevant AML/CTF laws and regulations in Australia, including but not limited to:
- Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (“Act”);
- Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (“Rules”);
- AUSTRAC Guides:
- Guidance Note - Meeting your beneficial owner obligations factsheet;
- Guidance Note - Suspicious Matter Reporting;
- Guidance Note - Designated business groups.
Regulatory Reporting
CoinsAU will promptly report any suspicious transactions to the Australian Transaction Reports and Analysis Centre (AUSTRAC) as required by law.
3. Key Definitions
- Beneficial Owner refers to an individual who, either directly or indirectly, owns 25% or more of the customer or exercises control (directly or indirectly) over the customer.
- Customer encompasses individuals or entities for whom the company provides designated services.
- Employee includes the company's staff, officers, or contractors.
- High ML/TF Risk Customer denotes a customer meeting specific triggers, such as being a Prescribed Person, operating a cash-intensive business, having a Politically Exposed Person (PEP) as one of their Beneficial Owners, raising suspicion about their identity, presenting discrepancies in provided information, or triggering a suspicious matter reporting obligation.
- ML/TF risk signifies the risk associated with the company's products and/or services being used for Money Laundering or Terrorism Financing.
- Money Laundering involves the processing of criminal proceeds to conceal their illicit origin.
- PEP stands for a politically exposed person, as defined herein below.
- Senior Management includes individuals within the company's business who either make decisions affecting the entire or a substantial part of the business or have the capacity to significantly impact the company's financial standing.
- Terrorism Financing entails the use of funds to finance the training, preparation, and execution of terrorist activities.
Section 2. Compliance
4. Role and Responsibilities - Director(s)/Senior Management
The Director(s)/Senior Management hold the following roles and responsibilities:
- Ensuring the appropriate design of the Policy.
- Allocating adequate resources for full Policy implementation.
- Approval of the Policy and any modifications to it.
- Providing necessary support for the Policy's success.
- Appointment of a management-level Compliance Officer.
- Ongoing oversight of the Policy.
These tasks may be accomplished through:
- Obtaining quarterly or annual reports from the Compliance Officer or other relevant individuals.
- Obtaining exception reports for significant issues or changes.
- Obtaining reports from board committees.
- Reviewing and taking action on findings from internal and external independent reviews.
5. Role and Responsibilities - Compliance Officer
The Compliance Officer, appointed by the Director(s)/Senior Management, holds the following key responsibilities:
Overall Compliance:
- Implementing and reviewing the Policy as required.
- Ensuring compliance with the Policy, the Act, and Rules.
- Registering the Company with AUSTRAC as a DCE and updating the registration when necessary.
- Ensuring employees have access to the current Policy.
- Maintaining all required records.
- Implementing and maintaining appropriate monitoring processes across the organization.
- Investigating failures to comply and submitting an AML/CTF Compliance Report to AUSTRAC annually by March 31.
- Ensuring customer identification procedures align with the Policy.
Reporting to Director(s)/Senior Management:
- Reporting on the Company's compliance with the Act, Rules, and the Policy.
- Informing Director(s)/Senior Management of any failures to comply and investigation findings.
- Reporting results of risk assessments, reviews of the Policy, changes to ML/TF risks, AUSTRAC feedback or correspondence, and changes to the Act or Rules quarterly (or more often for urgent matters).
ML/TF Risk Assessments:
- Conducting ML/TF risk assessments of the customer base, products/services, delivery channels, and jurisdiction.
- Maintaining a record of all completed ML/TF risk assessments in the Risk Register annually and at determined intervals.
Suspicious Matters:
- Upon receiving notification from an employee of a suspicion that a customer is not who they claim they are, the Compliance Officer will complete additional customer identification procedures to confirm the suspicion.
- The Compliance Officer is required to promptly report suspicious matters to AUSTRAC. If the suspicion pertains to Terrorism Financing, the report must be submitted within twenty-four (24) hours of forming the suspicion. For all other cases, the report should be filed within three (3) business days from the time the relevant suspicion is formed.
- Reporting suspicious matters to AUSTRAC promptly, as required.
- Recording details of suspicions in the Suspicious Matter Reports Register.
Risk Awareness Training:
- Arranging risk awareness training for all employees and maintaining a record of training in the Training Register, as required and determined by Director(s).
Determination of Reliable and Independent Documentation/Electronic Data:
- Determining documents and electronic data sources for verification of customer information annually.
6. General overview related to AUSTRAC Reporting
The Company bears the following reporting obligations:
Registration as a DCE and Renewal of DCE Registration:
- Initial registration before providing a designated service.
- Registration renewal every 3 years.
AML/CTF Compliance Report:
- Submission of an annual Compliance Report, detailing the Company's compliance with the Act and Rules.
- Deadline: Annually (before 31 March).
Changes to Enrolment Details:
- Notification to AUSTRAC of any change to enrolment details within fourteen (14) days of the change.
Suspicious Matters:
- Report suspicious matters to AUSTRAC within three (3) business days (or twenty-four (24) hours in the case of Terrorism Financing).
The Compliance Officer is tasked with ensuring the Company adheres to the above registration and reporting obligations. Additionally, any serious non-compliance with these reporting obligations must be promptly notified to AUSTRAC. The Compliance Officer serves as the nominated contact officer for interactions with AUSTRAC.
7. Suspicious Matter Reporting (SMR)
All employees are required to promptly inform the Compliance Officer of any suspicious matter. A suspicious matter arises when there are reasonable grounds to suspect that:
- A customer (or their agent) is not the person they claim to be.
- Information held by the Company may be relevant to the investigation or prosecution of tax evasion, offences against Commonwealth, State, or Territory laws, or enforcement of the Proceeds of Crime Act 2002.
- Providing a designated service may be preparatory to a person committing an offence related to Money Laundering/Terrorism Financing (ML/TF).
- Information held by the Company, or providing a designated service, may be relevant to the investigation or prosecution of a person for an offence related to ML/TF.
Examples of potentially suspicious matters include doubts about a customer's identity, requests for uneconomic transactions, engagement in tax evasion, significant unexplained wealth, unusually complex structures, unusual payments/transfers, customers from high-risk countries, or funds from unknown or illegal sources.
Employees are prohibited from discussing potentially suspicious matters with anyone other than the Compliance Officer. The Compliance Officer is also restricted from informing others about the activity or the SMR.
Steps on Receiving Notification of Suspicious Matter:
Upon notification of a suspicious matter, the Compliance Officer will investigate by gathering background information from the reporting employee. If the Compliance Officer forms a reasonable suspicion:
- Suspicious matter - customer is not as claimed:
- Conduct Enhanced Customer Due Diligence within fourteen (14) days.
- If still unsatisfied, submit a SMR to AUSTRAC within three (3) business days.
- Suspicious matter - other:
- Report to AUSTRAC through the AUSTRAC Online Portal within twenty-four (24) hours (Terrorism Financing) or three (3) business days (other cases) after forming the relevant suspicion.
If needed, the Compliance Officer will consult with AUSTRAC and relevant enforcement agencies to determine the best course of action regarding a customer with a lodged SMR. Employees and the Compliance Officer must not disclose information about a suspicious matter to anyone (other than AUSTRAC), except to a lawyer for legal advice. The Compliance Officer will determine whether to provide or cease designated services to a customer based on the suspicion. Enhanced Customer Due Diligence is required for irregular customer behavior to decide if it is truly suspicious and reportable.
8. Risk Assessment
The Company must have procedures in place to identify, mitigate and manage the ML/TF risks that it may face in providing designated services. To meet these obligations, the Company has adopted a risk-based approach.
In adopting a risk-based approach, the Company has:
- Exercised reasonable business judgment with respect to the nature of its business (including its customers, types of designated services (products and services), delivery channels and jurisdictions);
- Analysed the nature, size and complexity of its business;
- Assessed its ML/TF risk according to low, medium and high-risk; and
- Applied its own risk appetite, and designed procedures that are proportionate to the risks.
The Company's risk-based approach uses an internal methodology to measure risks based on likelihood and consequence, having regard to the Company's knowledge of its customers, products and limited delivery channels. The Company has considered the following key ML/TF risks:
- Regulatory ML/TF Risk: risks associated with breaches of the Act and Rules;
- Business ML/TF Risk: risk that its business may be used for ML/TF, including in the context of its customers, types of designated services (products and services), delivery channels and the jurisdictions with which it deals.
The Company has identified and assessed its ML/TF risk in the context of the Act and Rules and the level of ML/TF risk the Director(s)/Senior Management is prepared to accept. The result of the ML/TF risk assessments undertaken will be used:
- To determine the risk-based systems and controls included in Part B of this Policy; and,
- When deciding to make any amendments to this Policy.
The Company's risk-based approach involves the following steps:
Step 1 - Risk Identification:
- Responsibilities:
- Compliance Officer implements the risk assessment process.
- Directors identify initial ML/TF risks.
- Ongoing identification by Compliance Officer, Senior Management, and Directors.
Step 2 - Risk Assessment:
- Responsibilities:
- Directors approve the initial risk assessment.
- Compliance Officer conducts ongoing assessments, reporting to Directors and Senior Management.
- Customer-facing employees assess ML/TF risks before providing designated services.
Step 3 - Risk Treatment:
- Responsibilities:
- Compliance Officer determines risk-based systems and controls, subject to Director(s) and Senior Management approval.
Step 4 - Risk Monitoring and Review:
- Responsibilities:
- Compliance Officer ensures ongoing identification, assessment, and management of ML/TF risks.
- Annual assessments by Compliance Officer for changes or as deemed necessary.
9. Risk Awareness Training
The Compliance Officer is responsible for ensuring that risk awareness training is delivered to all employees that satisfy the following requirements:
- are in a role which has been assessed as posing a high ML/TF risk;
- have contact with customers;
- authorise and approve customer transactions;
- handle customer funds;
- facilitate transaction reporting to AUSTRAC; or
- oversee or implement the Policy (Relevant Employees).
The Compliance Officer may determine that it is appropriate for other employees that do not satisfy these requirements to be provided with risk awareness training. The Compliance Officer is responsible for ensuring that Relevant Employees receive:
- an AML/CTF training component as part of the induction training for new employees;
- additional AML/CTF training for employees whose role has been assessed as posing a high ML/TF risk;
- adequate risk awareness training at appropriate intervals, having regard to ML/TF risk faced by the Company; and
- adequate training on how to identify potential suspicious matters.
The risk awareness training will cover the following:
- the Company's obligations under the Act and Rules and consequences of non-compliance;
- types of ML/TF risk that the Company may face and the potential consequences of such risk; and
- processes and procedures under this Policy that are relevant to the role of the employee.
The Compliance Officer is responsible for:
- determining the timing, manner of delivery and nature of risk awareness training;
- verifying that new and existing employees have completed risk awareness training;
- providing risk awareness training (or arranging for training to be provided) to the Director(s) to enable the Director(s) to discharge their responsibilities; and
- keeping a record of any training completed in the Training Register.
10. Know Your Transaction (KYT)
The company is committed to implementing a robust Know Your Transaction (KYT) framework to enhance vigilance and mitigate the risk of money laundering and terrorism financing associated with transactions conducted through our services.
More detailed is delineated in a separate company’s policy.
Transaction Documentation
The company will ensure that appropriate transaction documentation is collected and maintained, enabling a clear understanding of the nature and purpose of each transaction.
Customer Verification
KYT procedures will include the verification of customer information associated with transactions, ensuring consistency with the details provided during onboarding.
Transaction Risk Assessment
The company will conduct transaction risk assessments to identify and prioritize high-risk transactions, focusing on those with potential links to money laundering or terrorism financing activities.
Ongoing Monitoring
Ongoing monitoring of transactions will be conducted to detect any unusual patterns or deviations from established customer behavior, triggering further investigation when necessary.
11. Fiat Transaction Monitoring
The company will implement a Fiat Transaction Monitoring framework (delineated in a separate policy) to systematically review and analyze transactions, enabling the identification of suspicious activities and enhancing compliance with AML/CTF regulations.
Monitoring Systems according to indicators – red flags
The company will utilize monitoring systems to systematically analyze transactional data, identifying patterns or anomalies that may indicate potential money laundering or terrorism financing activities.
The main indicators are the following:
- Unusual Transaction Volumes: Transactions significantly higher or lower than typical for a customer or industry norm.
- Frequent Large Cash Transactions: Repeated large cash transactions that may be an attempt to avoid detection.
- Multiple Transactions Below Reporting Threshold: Regular small transactions that, when aggregated, surpass reporting thresholds.
- Rapid Movement of Funds: Swift and unexplained transfers of funds between accounts or across jurisdictions.
- Inconsistent Customer Information: Variances in customer details, documentation, or behavior, indicating potential falsification.
- Unexplained Geographic Changes: Transactions originating from or directed to locations inconsistent with the customer's usual profile.
- High-Risk Jurisdictions: Transactions involving countries or regions known for higher money laundering or terrorism financing risks.
- Structured Transactions: Deliberate structuring of transactions to avoid reporting thresholds.
- Use of Anonymous or Shell Companies: Transactions involving entities with unclear ownership or using structures designed to conceal the beneficial owner.
- Unusual Business Relationships: Transactions involving unexpected or unrelated business relationships.
- Abnormal Transaction Timing: Transactions conducted during non-business hours or at times inconsistent with normal patterns.
- Payments to High-Risk Entities: Payments to entities or individuals associated with high-risk activities or sectors.
- Unexplained Increase in Account Activity: A sudden and unexplained surge in transaction volume or account activity.
Alerts and Reporting
The company will establish procedures to promptly respond to alerts generated by the transaction monitoring systems, and if necessary, report suspicious transactions to the relevant authorities in accordance with legal obligations.
Regular Review and Enhancement
The Transaction Monitoring framework will be subject to regular review and enhancement to adapt to emerging risks and changes in regulatory requirements, ensuring its effectiveness in detecting and preventing illicit activities.
Section 3. Customer Due Diligence (CDD)
12. General information about CDD
The Company's customer due diligence procedures include:
- processes for the collection and verification of customer information; and
- risk-based systems and controls to determine what (if any) other information will be collected and verified in relation to a customer, having regard to the ML/TF risk posed by that customer.
The Company will consider the following factors when identifying its exposure to ML/TF and developing its customer due diligence procedures:
- customer types including any PEPs and Beneficial Owners of customers;
- customers’ sources of funds and wealth;
- the control structure of non-individual customers;
- the nature and purpose of the business relationship with its customers, including as appropriate, the collection of information relevant to that consideration;
- the types of designated services provided;
- the methods by which the Company delivers designated services; and
- the country in which the Company delivers designated services.
Identification and Verification
The Company will conduct thorough customer due diligence before allowing any user to trade on the platform. This includes verifying the identity of users through official documentation.
Enhanced Due Diligence
Enhanced due diligence will be conducted for high-risk transactions or customers, including those from high-risk jurisdictions.
13. Initial Customer ML/TF Risk Assessment
In light of the Company's comprehensive ML/TF risk assessment and the classification of risks as LOW/MEDIUM, the Company has opted to implement processes for collecting and verifying customer information designed for low/medium ML/TF risk customers within this Policy.
Subsequently, the Company will proceed to assess the ML/TF risk specific to each customer. If any high-risk triggers are identified, the customer will be categorized as having a high ML/TF risk and treated accordingly.
The Company shall not provide designated services to customers based on the following:
- The customer (or a Beneficial Owner) being a Politically Exposed Person (PEP) requires written approval from the Compliance Officer.
- Inability to verify the customer's identity using due diligence procedures outlined in Part B.
- Lack of reasonable satisfaction by the Company that the customer is who they claim to be.
These stringent measures ensure a proactive and risk-aware approach in providing designated services, aligning with the determined ML/TF risk levels.
14. Enhanced Customer Due Diligence (ECDD)
Enhanced Customer Due Diligence will be implemented where the Company determines that:
- the ML/TF risk associated with a particular designated service, customer, delivery method or jurisdiction is high;
- a designated service is being provided to a customer who is, or who has a Beneficial Owner who is, a Foreign PEP or International Organisation PEP or a Domestic PEP where the customer is a High ML/TF Risk Customer or the relevant Beneficial Owner has been classified as high risk; or
- a suspicious matter has arisen.
The Company will not provide designated services to customers against whom sanctions have been imposed or have been included on Sanction Lists.
The Compliance Officer will:
- obtain names of individuals/entities that have been identified as potentially matching the individuals/entities on Sanction Lists;
- determine, with a reasonable degree of certainty, whether the individual/entity is, or is not, the individual/entity identified on Sanction Lists; and
- determine whether to continue to provide designated services to that individual/entity or terminate the provision of a designated service.
Steps in Enhanced Customer Due Diligence:
Step 1 - Seek Further Information:
- Obtain additional information from the customer or third-party sources.
- Clarify or update customer and Beneficial Owner information.
- Clarify the nature of the customer's ongoing business with the Company.
Step 2 - More Detailed Analysis:
- Undertake a detailed analysis of customer and Beneficial Owner information.
- Identify the source of wealth and funds for the customer and each Beneficial Owner.
Step 3 - Verify or Reverify Information:
- Verify or re-verify customer and/or Beneficial Owner information according to customer identification procedures.
Step 4 - Analysis and Monitoring of Transactions:
- Analyze and monitor past and future transactions.
- Assess the purpose, nature, and expected behavior of specific transactions.
Step 5 - Director(s)/Senior Management Approval:
- Seek approval before continuing a business relationship, processing a transaction, or providing a designated service.
The Company's processes for identifying high ML/TF risk customers for the purposes of conducting Enhanced Customer Due Diligence includes the following steps:
Step 1 - Identifying "Red Flags":
- Exercise vigilance to identify suspicious activity or behavior constituting a "red flag."
Step 2 - Notifying the Compliance Officer:
- Immediately notify the Compliance Officer upon identifying a "red flag."
Step 3 - Compliance Officer Assessment:
- Compliance Officer assesses:
- ML/TF risk of the customer.
- Need for updated or verified information.
- Application of Enhanced Customer Due Diligence.
- Lodging a Suspicious Matter Report (SMR).
Red Flags for Identification:
Customer Applications and Transactions:
- Acting on third-party instructions.
- Providing false or incomplete identification.
- Non-residential address for an individual.
- Frequent changes to account details.
Documentation Verification:
- Damaged or poorly imaged documents.
- Formatting issues, spelling, or grammatical errors.
- Missing logo or inconsistent logo.
Customer Communication:
- Inability to answer specific questions.
- Incorrect information provided.
- Inconsistent voice or tone.
- Overly friendly or aggressive behavior.
15. Politically Exposed Persons (PEPs)
A Politically Exposed Person (PEP) is an individual holding a prominent public position or function. These include:
1. Primary PEPs (Individuals in Prominent Positions):
- Head of State or government
- Government minister or equivalent
- Senior government official
- Judge of the High Court or equivalent
- Governor of a central bank or similar influential position
- High-ranking member of the armed forces
- Director, chair, CEO, or CFO of a State enterprise or international organization
2. Immediate Family Members of Primary PEPs:
- Spouse, de facto partner, child, child’s spouse or de facto partner, parent
3. Close Associates of Primary PEPs:
- Individuals with joint or sole beneficial ownership of legal entities or arrangements with a Primary PEP
For the purposes of step 2 in the table below, the following PEP classifications apply:
- Domestic PEP means a PEP of an Australian Government body;
- Foreign PEP means a PEP of a government body of a foreign country; and
- International Organisation PEP means a PEP of an international organisation (i.e. an organisation established by a formal political agreement by two or more countries which has the status of an international treaty and is recognised in the law of the countries which are members of the organisation).
Employees undertaking the identification or verification process are responsible for:
- making decisions or determinations in relation to customer identification or verification, or if in doubt, referring the matter to the Compliance Officer; and
- being aware of the risk associated with PEPs and reporting any information or suspicions immediately to the Compliance Officer.
For all customers, the Company is required to determine whether the customer or Beneficial Owner is a PEP. This is done by following the below process:
Step 1 - Perform Searches:
- Utilize internet searches and open-source databases to identify potential PEPs or associates.
Step 2 - Refer to Compliance Officer:
- Refer potential PEPs or associates to the Compliance Officer for determination.
- Compliance Officer decides PEP status, classification, and ML/TF risk.
Step 3 - Risk Assessment:
- Assess ML/TF risk associated with identified PEPs based on factors such as location, services, authority, and transaction details.
Step 4 - Collect Further Information:
- Gather additional information on PEPs as determined by risk and classification.
- Collect data on aliases, addresses, occupation, income, and more.
Step 5 - Verification:
- Verify PEP information, including full name, date of birth, or residential address.
- Document-based or electronic verification based on customer type.
- Beneficial Owner verification using various sources.
Step 6 - Director(s)/Senior Management Approval:
- Obtain approval before establishing or continuing a business relationship or providing designated services to the PEP.
Employees involved in identification or verification processes must make decisions or refer uncertainties to the Compliance Officer. Awareness of PEP-associated risks and immediate reporting of information or suspicions to the Compliance Officer is crucial. The Compliance Officer takes measures to establish the source of wealth and funds for all PEP-involved customers.
16. CDD for Individual
Where the Customer is an individual, the Company must be reasonably satisfied that the individual is the person that they claim to be. The necessary steps to be completed:
Collect
Collect the following information:
- full name;
- date of birth; and
- residential address.
For individuals identified as PEPs, collect all of the information mentioned above before the provision of a Designated Service, or as soon as possible after it has been provided. Only if there are reasonable grounds to consider that a Beneficial Owner of a Customer is not the same as the Customer, collect the full name and either the date of birth or residential address of the Beneficial Owner.
Verify
Verify the following details:
- full name; and
- either:
- date of birth; or
- residential address.
Verify the same for PEPs and Beneficial Owners.
Verification method
All information collected must be verified based on reliable and independent documentation, or reliable and independent electronic data, or a combination of both. The following procedure should be conducted in all cases, where possible:
Australian documentation
- Original or Certified Copy of a current:
- Australian driver’s licence containing a photograph of the person; or
- Australian Passport; or
- card issued under a law of a State or Territory for the purpose of proving a person’s age which contains a photograph of the person in whose name the document is issued.
Foreign documentation
- Original or Certified Copy of a current:
- foreign passport or similar document issued for the purpose of international travel, that contains a photograph and the signature of the person in whose name the document is issued
- where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.
Simplified identification procedure where ML or TF risk is medium or low
The Customer identification procedure will be taken to have been met in respect of a Customer who is determined to be of a medium or low risk if the following steps are taken:
- the KYC Information required as mentioned above is collected;
- the Customer’s name and either the Customer’s residential address or date of birth, or both, are verified from:
- an original or Certified Copy of a primary photographic identification document; or
- both:
- an original or Certified Copy of a primary non-photographic identification document; and
- an original or Certified Copy of a secondary identification document; and
- the relevant verification documents have not expired (other than a passport expired within the preceding two years).
Alternatively, the required KYC Information may be verified using reliable and independent electronic data from at least two separate data sources and either the Customer’s date of birth using reliable and independent electronic data from at least one data source or that the Customer has a transaction history for at least the preceding three years.
Collection and verification of additional information
The Company will have regard to the ML and TF risk relevant to the provision of the Designated Service in determining:
- whether and what additional KYC Information or Beneficial Owner information to collect and verify in respect of an individual Customer; and
- the manner of collection and verification.
17. Companies’ DD Procedure
Where the Customer is a domestic or foreign company, the Company must be reasonably satisfied that the company exists and must collect and verify information relating to its Beneficial Owners.
The necessary steps to be completed:
Collect
Australian company |
Foreign company registered by ASIC |
Foreign company not registered by ASIC |
The full name of the company as registered by ASIC |
The full name of the company |
The full name of the company |
N/A |
The country in which the company was formed, incorporated or registered |
The country in which the company was formed, incorporated or registered |
N/A |
Whether the company is registered by the relevant foreign registration body |
Whether the company is registered by the relevant foreign registration body |
N/A |
If the company is registered by the relevant foreign registration body, the name of the relevant foreign registration body |
If the company is registered by the relevant foreign registration body, the name of the relevant foreign registration body |
The full address of the company’s registered office in Australia |
If the company is registered by the relevant foreign registration body, the full address of the company in its country of formation, incorporation or registration as registered by the relevant foreign registration body |
If the company is not registered by the relevant foreign registration body, the full address of the principal place of business of the company in its country of formation or incorporation |
OR |
If the company is not registered by the relevant foreign registration body, the full address of the principal place of business of the company in its country of formation or incorporation |
If the company is not registered by the relevant foreign registration body, the full address of the principal place of business of the company in its country of formation or incorporation |
The ACN issued to the company |
The ARBN issued to the company |
Any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration |
Whether the company is registered by ASIC as proprietary or public company |
Whether it is registered as a private or public company by the relevant foreign registration body |
Whether it is registered as a private or public company by the relevant foreign registration body |
If the company is registered as a proprietary company, the name of each director of the company |
If the company is registered as a private company by the relevant foreign registration body – the name of each director of the company |
If the company is registered as a private company by the relevant foreign registration body – the name of each director of the company |
If the company is a regulated company, the name of the regulator and details of the relevant licence |
If the company is a regulated company, the name of the regulator and details of the relevant licence |
If the company is a proprietary company and is not a regulated company, the name and residential address of any individual who owns through one or more shareholdings more than 25% of the issued capital of the company |
If the company is a proprietary or private company and is not a regulated company, the name and residential address of any individual who owns through one or more shareholdings more than 25% of the issued capital of the company |
If the company is a majority owned subsidiary of an Australian listed company, the name of the Australian listed company and the name of the relevant market/exchange |
If the company is a listed company, the name of the relevant market/exchange |
The nature of the business activities carried out by the company |
The full name and either the date of birth or residential address of each Beneficial Owner of a proprietary or private company (other than a company which is verified under the simplified company verification procedure or a foreign public company which is listed on a stock exchange and subject to ‘transparency of Beneficial Owner’ disclosure requirements which are the same as, or comparable to, the requirements which exist in Australia, or a proprietary company that is licensed and subject to the regulatory oversight of a Commonwealth, State or Territory statutory regulator) |
Verify
Verify the following information:
Company type |
Verify the following information |
Australian company |
The full name of the company as registered by ASIC |
|
Whether the company is registered by ASIC as a proprietary or public company |
|
The ACN issued to the company |
Foreign company registered by ASIC |
The full name of the company as registered by ASIC |
|
Whether the company is registered by the relevant foreign registration body, and if so whether it is registered as a private or public company |
|
The ARBN issued to the company |
Foreign company not registered by ASIC |
The full name of the company |
|
Whether the company is registered by the relevant foreign registration body and if so: |
|
any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration; and |
|
whether the company is registered as a private or public company |
Listed company (foreign or Australian) |
That the company is a listed company |
Majority-owned subsidiary (foreign or Australian) of an Australian listed company |
That the company is a majority owned subsidiary of an Australian listed company |
Regulated company (foreign or Australian) |
That the company is subject to regulatory oversight |
Verification method
Verification is to be based as far as possible on reliable and independent documentation, reliable and independent electronic data or a combination of both. With regard to the verification of KYC Information for foreign companies, the Company must have regard to the ML and TF risk relevant to the provision of the Designated Service, including the jurisdiction of incorporation of the foreign company as well as the jurisdiction of the primary operations of the foreign company and the location of the foreign stock or equivalent exchange (if any).
Australian company
- A search of the ASIC database.
- If the ASIC database is not reasonably available, an original or Certified Copy of a certificate of registration issued by ASIC.
Foreign company registered with ASIC
- A search of the relevant foreign registration body.
- If that source is not reasonably available, an original or Certified Copy of a certificate of registration (or equivalent) issued by the relevant foreign registration body.
- If it is not possible to verify the company from either or both of the above, a disclosure certificate from the company given by an agent of the company verified in accordance with Schedule 1 (see Schedule 8 for Agents of Customers requirements).
Foreign company not registered with ASIC
- A search of the relevant financial market.
Listed company
- A search of the relevant ASIC database.
Majority owned subsidiary of an Australian listed company
- A search of the licence or other records of the relevant Commonwealth, State or Territory statutory regulator.
Regulated company
- A public document issued by the relevant company.
Non-English documents:
Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.
Simplified company verification procedure
The Company can confirm that a Customer that is a company is:
- an Australian listed company;
- a majority owned subsidiary of an Australian listed company; or
- licensed and subject to the regulatory oversight of a Commonwealth, State or Territory statutory regulator in relation to its activities as a company,
by obtaining one or a combination of the following:
- a search of the relevant domestic stock exchange;
- a public document issued by the relevant company;
- a search of the relevant ASIC database; or
- a search of the licence or other records of the relevant regulator.
Collection and verification of additional information
The Company will have regard to the ML and TF risk relevant to the provision of the Designated Service in determining:
- whether and what additional KYC Information and Beneficial Owner information to collect and verify in respect of a company; and
- the manner of collection and verification.