BIMeta Corporation, which specialized in developing unique applications for architects, engineers, and contractors, is dedicated to abiding by all anti-money laundering (AML) and countering the financing of terrorism (CFT) laws and regulations in the United States as well as those set forth by the Financial Action Task Force (FATF). This policy was created to safeguard our company and clients against the hazards of money laundering (ML), terrorist financing (TF), and proliferation financing (PF) as part of our commitment to upholding a robust AML/CFT program.
Our AML/CFT policy is intended to stop our business from being used as a conduit for unlawful operations, such as ML, TF, and PF. It describes the steps we take to recognize and confirm our clients' identities, find questionable transactions, and report them to the appropriate authorities. All of our staff members, independent contractors, representatives, and any third-party service providers acting on our behalf are subject to this policy.
We understand how crucial it is to keep a robust AML/CFT program in place, and we are dedicated to doing our share to advance safety and security in the financial industry. We can make sure that our company is conducting itself in a transparent and morally upright manner, contributing to the general integrity of the financial system, by abiding by the rules and regulations established by the US and FATF.
This AML/CFT policy's objective is to outline BImeta Corporation's commitment to combating money laundering and terrorist financing, as well as to offer a framework for seeing, keeping an eye on, and reporting questionable activity. The goal of the policy is to ensure that the business complies with all relevant AML/CFT laws and rules, such as the USA PATRIOT Act, the Bank Secrecy Act (BSA), and the Financial Action Task Force (FATF) recommendations.
This policy is applicable to all BImeta Corporation employees, officers, directors, and agents.
It includes all business operations carried out by the organization, such as the creation
and marketing of unique
applications for contractors, engineers, and architects as well as the creation of a worldwide app to facilitate workflows and communication in the sector. In addition, regardless of the nature or scope of the transaction, the policy is applicable to all clients and business connections that the
company maintains. The aim of the policy is to guarantee adherence to all relevant
US and FATF AML/CFT
rules and regulations.
BImeta Corporation is governed by a number of AML/CFT laws and regulations both domestically and abroad. The Bank Secrecy Act (BSA), the USA PATRIOT Act, and the rules set forth by the Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of Treasury are a few examples. The international AML/CFT standards set forth by the FATF, which many nations have ratified, are likewise applicable to us. The commitment of our organization is to abide by all applicable AML/CFT laws, rules, and any instructions provided by regulatory bodies.
Any Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) program must include risk assessment as a key component. Financial institutions must conduct a risk assessment to identify and reduce potential ML/TF risks in accordance with US and FATF laws and regulations.
We must conduct a risk assessment for BIMeta Corporation in order to identify and assess the potential ML/TF risks connected to our business activities. BIMeta Corporation specializes in developing custom applications for Architects, Engineers, and Contractors and is currently developing (international app) software to help communication and workflows for our industry.
References:
· "Anti-Money Laundering (AML) Program Requirements for Financial Institutions," 31 C.F.R. 1020.210, published by the Financial Crimes Enforcement Network (FinCEN) of the United States Treasury Department.
· 2012 FATF Recommendations.
To detect and assess any potential ML/TF risks connected to our business operations, the following tasks are performed as part of risk assessment.
The purpose of this Risk Assessment is to identify, assess, and mitigate potential ML/TF risks associated with our business activities. This Risk Assessment applies to all aspects of our business, including but not limited to, the creation and distribution of custom applications for Architects, Engineers, and contractors, and the development of software to help communication and workflows for our industry.
Page | 2
We will use a risk-based approach to identify and assess potential ML/TF risks associated with our business activities. Our methodology will involve the following steps:
a) Identify the relevant ML/TF risks associated with our business activities.
b) Assess the likelihood and potential impact of each identified ML/TF risk.
c) Assign a risk rating to each identified ML/TF risk based on the likelihood and potential impact of the risk.
d) Evaluate the effectiveness of our current AML/CFT controls in mitigating the identified ML/TF risks.
e) Develop and implement additional AML/CFT controls as necessary to mitigate identified ML/TF risks.
We have identified the following ML/TF risks associated with our business activities:
a) The risk of our services being used to facilitate the laundering of proceeds from criminal activity, such as bribery or corruption.
b) The risk of our services being used to facilitate the financing of terrorism or proliferation of weapons of mass destruction.
We will assess the likelihood and potential impact of each identified risk and assign a risk rating based on the outcome of the assessment.
We will evaluate the effectiveness of our current AML/CFT controls in mitigating the identified ML/TF risks. Our controls assessment will involve the following steps:
a) Identify the AML/CFT controls currently in place.
b) Evaluate the effectiveness of each control in mitigating the identified ML/TF risks.
c) Assign a control effectiveness rating to each control based on the outcome of the evaluation.
Based on the outcome of the ML/TF risk assessment and AML/CFT controls assessment, we will develop and implement additional AML/CFT controls as necessary to mitigate identified ML/TF risks. These controls may include but are not limited to:
a) Enhanced customer due diligence measures, such as obtaining additional information from customers or conducting enhanced ongoing monitoring of customer activity.
b) Additional training for employees to increase awareness of ML/TF risks and the importance of AML/CFT controls.
c) Implementation of transaction monitoring and reporting systems to detect and report suspicious activity
Customer Due Diligence (CDD) is a crucial element of any effective AML/CFT program, as it helps to identify and verify the identity of customers, assess the risk of potential money laundering or terrorist financing activities, and monitor customer transactions for suspicious activities. CDD measures typically include obtaining identifying information and documentation from customers, conducting risk assessments, and establishing ongoing monitoring processes. The CDD process should include:
a) Verifying the customer's identity using the procedures established in the CIP.
b) Assessing the customer's risk level based on the risk assessment.
c) Obtaining information on the purpose and intended nature of the business relationship.
d) Monitoring the customer's transactions and activity for suspicious activity.
e) If the customer is a politically exposed person (PEP), BImeta Corporation should conduct EDD, which may include obtaining additional information on the PEP's source of funds and wealth.
References:
· FATF Recommendations, Recommendations 10, 12, and 22
· 31 CFR 1010.420
Under the USA PATRIOT Act, BImeta Corporation must establish and maintain a Customer Identification Program (CIP) to verify the identity of its customers, including corporate clients. BImeta Corporation needs to establish a CIP that includes procedures for verifying the identity of each customer, taking into account the types of products and services provided by BImeta Corporation. The CIP must include the following information:
a) The customer's name
b) The customer's date of birth (for individuals)
c) The customer's address
d) Identification number (e.g., Social Security number or passport number)
For corporate clients, BImeta Corporation must obtain identifying information about the entity, such as the legal name of the business, its address, and its tax identification number. Additionally, BImeta Corporation must verify the identity of the individuals authorized to act on behalf of the entity, such as the company's directors, officers, and any person authorized to conduct transactions on behalf of the business.
The CIP must also include a risk-based approach to verifying customer identities, taking into account the types of products and services provided by BImeta Corporation. The CIP must also have procedures for verifying the identity of beneficial owners, if applicable.
References:
·
USA PATRIOT
Act, Section 326
· 31 CFR 1020.220
BImeta Corporation shall identify the beneficial owner(s) of its clients as part of the customer due diligence process. The identification process shall be risk-based and shall involve the collection of sufficient information to establish the identity of the beneficial owner, including:
a) Name
b) Date of birth
c) Residential address
d) Nationality
e) Identification number or document
f) Nature and extent of the interest held by the beneficial owner
BImeta Corporation shall verify the identity of the beneficial owner(s) using reliable, independent sources, such as government-issued identification documents or commercial databases.
BImeta Corporation shall undertake ongoing monitoring of its clients and their beneficial owners to ensure that the information on the beneficial owners remains up-to-date and accurate.
BImeta Corporation shall take reasonable measures to determine whether a customer or beneficial owner is a politically exposed person (PEP) and, if so, shall apply enhanced due diligence measures in accordance with the applicable laws and regulations.
References:
· United States Patriot Act, Section 326
· Financial Action Task Force (FATF) Recommendations, Recommendation 10 and Interpretive Note to Recommendation 10
BImeta Corporation needs to assess the risks posed by its customers, including the risk of money laundering and terrorist financing. This assessment should consider factors such as the customer's geographic location, the nature of the business, and the products and services being provided.
The risk assessment should be used to determine the level of due diligence required for each customer. For example, high-risk customers should undergo enhanced due diligence (EDD), while low-risk customers may require simplified due diligence (SDD).
References:
·
FATF Recommendations, Recommendation 10
· 31 CFR 1010.610
BImeta Corporation must monitor its customers' transactions on an ongoing basis to detect any suspicious activity. This monitoring should be risk-based and should take into account the customer's risk level and the products and services being provided. If BImeta Corporation detects any suspicious activity, it must file a suspicious activity report (SAR) with the Financial Crimes Enforcement Network (FinCEN) and take appropriate action to mitigate the risk of money laundering or terrorist financing.
References:
·
FATF Recommendations, Recommendation 20
· 31 CFR 1020.320
BImeta Corporation identifies a transaction that is unusual or suspicious, they should file a Suspicious Transaction Report (STR) with the appropriate regulatory authorities. The STR should contain all relevant information about the transaction, including the customer's identity, the nature of the transaction, and any other details that may be pertinent to the investigation.
Reference: Section 5318(g) of the Bank Secrecy Act
a) Existing customers must be assigned a risk rating based on the Risk Matrix which BImeta Corporation has created together with BImeta Corporation's Risk Assessment in its Risk-based Approach.
b) BImeta Corporation is required to apply CDD measures to existing customers on the basis of materiality and risk and to conduct due diligence on such existing relationships at appropriate times, taking into account whether and when CDD measures have previously been undertaken, and the adequacy of data obtained.
c) The CDD requirements entails that if BImeta Corporation has a suspicion of ML/TF/PF or becomes aware at any time that it lacks sufficient information about an existing customer, it should take steps to ensure that all relevant information is obtained as quickly as possible.
d) BImeta Corporation is entitled to rely on the identification and verification steps that it has already undertaken unless it has doubts about the veracity of that information.
e) If BImeta Corporation has a suspicion of MITF/PF or becomes aware at any time that it lacks sufficient information about an existing customer, it should take steps to ensure that all relevant information is obtained as quickly as possible.
EDD is an advanced form of due diligence that requires the implementation of additional measures to identify, verify and monitor high-risk customers, business relationships or transactions. The purpose of EDD is to enhance the effectiveness of the AML/CFT program, by providing additional information and intelligence to assess and mitigate the risks of money laundering and terrorism financing.
For corporate clients identified as high-risk, BImeta Corporation must implement Enhanced Due Diligence (EDD) measures, which are an advanced form of due diligence that requires additional measures to identify, verify, and monitor high-risk customers, business relationships, or transactions. The purpose of EDD is to enhance the effectiveness of the AML/CFT program by providing additional information and intelligence to assess and mitigate the risks of money laundering and terrorism financing.
EDD measures for corporate clients may include obtaining additional information about the entity's ownership and control structure, including information about the ultimate beneficial owners of the company, and conducting ongoing monitoring of the business relationship to identify and report any suspicious activities. Additionally, BImeta Corporation may need to verify the source of the entity's funds, as well as the purpose and expected nature of the business relationship.
References:
· USA PATRIOT Act, Section 326
· 31 CFR 1020.220
· Financial Crimes Enforcement Network (FinCEN) - Guidance on Obtaining and Retaining Beneficial Ownership Information
In order to comply with EDD requirements, BImeta Corporation must take the following steps:
a) Identify the risks of money laundering and terrorism financing associated with your business and customers, taking into account the nature, size, complexity and geography of your operations. This includes assessing the risk of your international app, as well as the risk of your customers who are architects, engineers and contractors.
b) Establish and document EDD policies and procedures that are appropriate to the risks identified. These policies and procedures should include enhanced customer due diligence, ongoing monitoring, and the reporting of suspicious activities. You should also consider implementing controls and measures to detect and prevent the misuse of your international app for money laundering or terrorism financing purposes.
c) Conduct enhanced customer due diligence on high-risk customers and business relationships, such as those involved in international transactions, politically exposed persons (PEPs), or customers from high-risk jurisdictions. This may include obtaining additional information and documentation from the customer, conducting background checks, or using third-party data providers to verify the customer's identity and assess their risk.
d) Implement ongoing monitoring of high-risk customers and business relationships, including the monitoring of transactions, source of funds and wealth, and any changes in the customer's risk profile or behavior. This will help you to detect and report suspicious activities in a timely manner.
e) Report suspicious activities to the relevant authorities, such as the Financial Crimes Enforcement Network (FinCEN) in the United States. You should also maintain records of your EDD activities and be able to provide them upon request to the authorities.
BImeta Corporation provides AML/CFT training to all employees and contractors. The training covers the legal and regulatory framework, the company's AML/CFT program, and employees' obligations regarding customer due diligence, reporting suspicious activity, and maintaining confidentiality. We also provide regular updates on changes to AML/CFT laws and regulations and our internal policies and procedures.
a) BImeta Corporation shall ensure that all concerned staff receives training on ML/TF/pF prevention on a regular basis, at least annually or more frequently where there are changes to the regulatory requirements or where there are significant changes to the BImeta Corporation's business operations or customer base. BImeta Corporation must ensure that all staff fully understand the procedures and the need for compliance with the regulations.
b) BImeta Corporation shall consider obtaining an undertaking from their staff members (both new and existing) confirming that they have attended the training on AML/CFT matters, read the BImeta Corporation's AML/CFT manuals, policies, and procedures, and understand the AML/CFT obligations under the relevant laws.
c) Supervisors, managers, and senior management (including the Board of Directors) should receive a higher level of training covering all aspects of AML/CFT procedures, including the offenses and penalties arising from non-compliance with relevant laws.
d) The CO should receive in-depth training on all aspects of AML/CFT laws and regulations. They should also receive ongoing training on new trends of criminal activity determination, investigation, and reporting of suspicious activities.
For international transactions, BImeta Corporation shall maintain additional records, including information on the originator and beneficiary of the transaction, the name and address of the financial institution(s) involved in the transaction, and any other information required by applicable laws and regulations.
These records shall be maintained for a period of at least five years from the date of the transaction.
BImeta Corporation shall comply with any special measures imposed by the Financial Crimes Enforcement Network (FinCEN) in relation to jurisdictions, financial institutions, or international transactions of primary money laundering concern, including but not limited to the following:
· Prohibiting or imposing conditions on the opening or maintaining of correspondent accounts or payable-through accounts by the covered financial institution in the United States for a foreign bank;
· Prohibiting or imposing conditions on the use of a correspondent account or payable-through account by the covered financial institution in the United States for a foreign bank; and
· Requiring the covered financial institution in the United States to take special measures to address the primary money laundering concern.
References:
· 31 CFR § 1010.410 - Special measures for jurisdictions, financial institutions, or international transactions of primary money laundering concern
· Financial Crimes Enforcement Network (FinCEN) - Guidance on Obtaining and Retaining Beneficial Ownership Information
Our company maintains records of all customer due diligence, transactions, and suspicious activity reports for at least five years. We understand the importance of accurate and complete record-keeping for regulatory compliance and the investigation and prosecution of money laundering and terrorist financing.
The record-keeping requirements for AML/CFT compliance are also outlined in the recommendations of the Financial Action Task Force (FATF), the global standard-setter for AML/CFT. The FATF Recommendations require financial institutions to maintain records of customer identification information, transactional records, and other relevant documents for at least five years. The FATF Recommendations also emphasize the importance of maintaining accurate and complete records to facilitate the investigation and prosecution of money laundering and terrorist financing.