VALLTECH – IBITT
Anti-Money Laundering (AML) Program:
Compliance and Supervisory Procedures
UPDATED AS OF SEPTEMBER 01, 2020
Valltech (Ibitt) – AML Policy
The purpose of the VALLTECH/IBITT Anti-Money Laundering and Know Your Customer Policy (hereinafter – the “AML/KYC Policy”) is to identify, prevent and mitigate possible risks of VALLTECH/IBITT being involved in illegal activity.
In conformity with Chilean laws and regulations mandated by law number 19.913 and international regulations VALLTECH/IBITT has implemented effective internal procedures to prevent money laundering, terrorist financing, drug and human trafficking, proliferation of weapons of mass destruction, corruption and bribery and to react correspondingly in case of any form of suspicious activity from its Users.
accordingly, is obliged to comply with Chilean regulatory provisions concerning to fight against money laundering. Valltech/Ibitt maintains policies and procedures designed to prevent money laundering and to prevent doing businesses with entities or persons which are engaged in illegal activities.
The key elements of our AML Policy are:
Implementation of policies and procedures in order to know our customers and customer’s businesses
Monitoring process in order to detect suspicious activity
Process to report detected suspicious activity to the regulatory entity designed (UAF)
Chilean AML Laws and Regulations:
Act #19.913: The entity named UAF (Unidad de Análisis Financiero) was established on year 2003 as responsible to prevent and avoid the utilization of the Chilean financial system as a way to carry out the crime of money laundering.
Institutions must have an appropriate knowledge on its customers, their commercial activities and source of funds. This information (its changes) must be updated. Some other matters covered by this regulation are:
− Compliance Officer designation
− Maintenance of updated AML policies and procedures
− Monitoring, detecting and reporting suspicious activity
− Independent Internal Audit function
Act #20.393: This act grants criminal liability to legal entities for the commission of the crimes of money laundering, terrorism finance and bribery. AML/KYC Policy includes Verification procedures, Compliance Officer, Monitoring Transactions and Risk Assessment.
Money laundering is generally defined as engaging in acts designed to conceal or disguise the true origins of criminally derived proceeds so that the proceeds appear to have derived from legitimate origins or constitute legitimate assets. Generally, money laundering occurs in three stages. Cash first enters the financial system at the “placement” stage, where the cash generated from criminal activities is converted into monetary instruments. At the “layering” stage, the funds are transferred or moved into other accounts or other financial institutions to further separate the money from its criminal origin. At the “integration” stage, the funds are reintroduced into the economy and used to purchase legitimate assets or to fund other criminal activities or legitimate businesses.
Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal either the origin of the funds or their intended use, which could be for criminal purposes. Legitimate sources of funds are a key difference between terrorist financiers and traditional criminal organizations. In addition to charitable donations, legitimate sources include foreign government sponsors, business ownership and personal employment. Although the motivation differs between traditional money launderers and terrorist financiers, the actual methods used to fund terrorist operations can be the same as or similar to methods used by other criminals to launder funds. Funding for terrorist attacks does not always require large sums of money and the associated transactions may not be complex.
Our AML policies, procedures and internal controls are designed to ensure compliance with all applicable regulations as well as Chilean Laws and will be reviewed and updated on a regular basis to ensure appropriate policies, procedures and internal controls are in place to account for both changes in regulations and changes in our business.
Law: Act #19.913 – Act #20.393 of Chile.
2. AML Compliance Person Designation and Duties
The company has designated Maria Fernanda Gonzalez del Canto as its Anti-Money Laundering Program Compliance Person (AML Compliance Person), with full responsibility for the company’s AML program. Maria Fernanda Gonzalez del Canto has a working knowledge and its implementing regulations and is qualified by experience, knowledge and training, as well as being the registered person responsible before the UAF of Chile. The duties of the AML Compliance Person will include monitoring the firm’s compliance with AML obligations, overseeing communication and training for employees, and report periodically to the UAF of the Central bank of Chile. The AML Compliance Person will also ensure that the firm keeps and maintains all of the required AML records and will ensure that Suspicious Activity Reports – REPORTE DE OPERACIONES SOSPECHOSAS (ROSs) are filed with UAF when appropriate, as well as the local Chilean regulatory agencies if required. The AML Compliance Person is vested with full responsibility and authority to enforce the firm’s AML program.
The firm will provide the UAF with contact information for the AML Compliance Person through the UAF System, including: (1) name; (2) title; (3) mailing address; (4) email address; (5) telephone number; and (6) facsimile (if any). The firm will promptly notify UAF of any change in this information through the UAF web portal. In addition, if there is any change to the information, Maria Fernanda Gonzalez del Canto will update the information promptly, but in any event not later than 30 days following the change.
3. Giving AML Information to Law Enforcement Agencies and Other Financial Institutions
We will respond to a Unidad de Analisis Financiero (UAF) request concerning accounts and transactions by immediately searching our records to determine whether we maintain or have maintained any account for, or have engaged in any transaction with, each individual, entity or organization named in the request. We understand that we have 14 days (unless otherwise specified by UAF) from the transmission date of the request to respond to a request. We will designate through the ROS System (Reporte de Operaciones Sospechosas) one or more persons to be the point of contact (POC) for requests and will promptly update the POC information following any change in such information. (See also Section 2 above regarding updating of contact information for the AML Compliance Person.) Unless otherwise stated or specified by UAF, we are required to search those documents outlined by UAF. If we find a match, Maria Fernanda Gonzalez del Canto will report it to UAF via the (ROS – Suspicious Activity Report ) System web portal within 14 days or within the time requested by UAF in the request. If the search parameters differ from those mentioned above (for example, if UAF limits the search to a geographic location), Maria Fernanda Gonzalez del Canto will structure our search accordingly.
If Maria Fernanda Gonzalez del Canto searches our records and does not find a matching account or transaction, then she will reply to the request. We will maintain documentation that we have performed the required search by printing out a full registry of users and supplying hard copies to the UAF.
We will not disclose the fact that UAF has requested or obtained information from us, except to the extent necessary to comply with the information request. Maria Fernanda Gonzalez del Canto will review, maintain and implement procedures to protect the security and confidentiality of requests from UAF in order to protect customers’ nonpublic information.
We will direct any questions we have about the request to the requesting law enforcement agency as designated in the request.
Unless otherwise stated we will not be required to treat the information request as continuing in nature, and we will not be required to treat the periodic requests as a government provided list of suspected terrorists for purposes of the customer identification and verification requirements.
We understand that the receipt of a court subpoena concerning a customer does not in itself require that we file a Suspicious Activity Report (ROS). When we receive a subpoena, we will conduct a risk assessment of the customer subject to the subpoena as well as review the customer’s account activity. If we uncover suspicious activity during our risk assessment and review, we will elevate that customer’s risk assessment and file a SAR in accordance with the SAR filing requirements. We understand that none of our officers, employees or agents may directly or indirectly disclose to the person who is the subject of the subpoena its existence, its contents or the information we used to respond to it. If we file a SAR trhough the ROS web portal system of the UAF after receiving a subpoena, the SAR will not contain any reference to the receipt or existence of the subpoena. The SAR will only contain detailed information about the facts and circumstances of the detected suspicious activity.
4. Checking the Office of Foreign Assets Control Listings
Before opening an account, and on an ongoing basis, Maria Fernanda Gonzalez del Canto will check to ensure that a customer does not appear on the SDN list or is not engaging in transactions that are prohibited by the economic sanctions and embargoes administered and enforced by OFAC. Because the SDN list and listings of economic sanctions and embargoes are updated frequently, we will consult them on a regular basis and subscribe to receive any available updates when they occur. With respect to the SDN list, we may also access that list through various software programs to ensure speed and accuracy. Maria Fernanda Gonzalez del Canto will also review existing accounts against the SDN list and listings of current sanctions and embargoes when they are updated and she will document the review.
If we determine that a customer is on the SDN list or is engaging in transactions that are prohibited by the economic sanctions and embargoes administered and enforced by OFAC, we will reject the transaction and/or block the customer’s assets and file a blocked assets and/or rejected transaction form with OFAC within 10 days. We will also call the OFAC Hotline immediately.
Our review will include customer accounts, transactions involving customers (including activity that passes through the firm such as wires) and the review of customer transactions that involve physical security certificates or application-based investments
5. Customer Identification Program
In addition to the information we must collect under Local laws we have established, documented and maintained a written Customer Identification Program (CIP). We will collect certain minimum customer identification information from each customer who opens an account; utilize risk-based measures to verify the identity of each customer who opens an account; record customer identification information and the verification methods and results; provide the required adequate CIP notice to customers that we will seek identification information to verify their identities.
a. Required Customer Information
Prior to opening an account, we will collect the following information for all accounts, if applicable, for any person, entity or organization that is opening a new account and whose name is on the account:
(1) the name;
(2) date of birth (for an individual);
(3) an address, which will be a residential or business street address (for an individual), an Army Post Office (APO) or Fleet Post Office (FPO) box number, or residential or business street address of next of kin or another contact individual (for an individual who does not have a residential or business street address), or a principal place of business, local office, or other physical location (for a person other than an individual); and
(4) an identification number, which will be a taxpayer identification number Chilean RUT or RUN (if the person is from Chile, or one or more of the following: a passport number and country of issuance, alien identification card number, or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or other similar safeguard.
b. Customers Who Refuse to Provide Information
If a potential or existing customer either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, our firm will not open a new account and, after considering the risks involved, consider closing any existing account. In either case, our AML Compliance Person will be notified so that we can determine whether we should report the situation to USF through the ROS web service.
c. Verifying Information
Based on the risk, and to the extent reasonable and practicable, we will ensure that we have a reasonable belief that we know the true identity of our customers by using risk-based procedures to verify and document the accuracy of the information we get about our customers. Maria Fernanda Gonzalez del Canto will analyze the information we obtain to determine whether the information is sufficient to form a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies).
We will verify customer identity through documentary means. We will use documents to verify customer identity when appropriate documents are available. In light of the increased instances of identity fraud, we will supplement the use of documentary evidence by using the non-documentary means described below whenever necessary. We may also use non-documentary means, if we are still uncertain about whether we know the true identity of the customer. In verifying the information, we will consider whether the identifying information that we receive, such as the customer’s name, street address, zip code, telephone number (if provided), date of birth and Social Security number, allow us to determine that we have a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies).
Appropriate documents for verifying the identity of customers include the following:
• For an individual, an unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard, such as a ID, driver’s license or passport; and
• For a person other than an individual, documents showing the existence of the entity, such as certified articles of incorporation, a government-issued business license, a partnership agreement or a trust instrument.
We understand that we are not required to take steps to determine whether the document that the customer has provided to us for identity verification has been validly issued and that we may rely on a government-issued identification as verification of a customer’s identity. If, however, we note that the document shows some obvious form of fraud, we must consider that factor in determining whether we can form a reasonable belief that we know the customer’s true identity.
We will use the following non-documentary methods of verifying identity:
• Independently verifying the customer’s identity through the comparison of information provided by the customer with information obtained from a, public database such as the Chilean Public Registry (Registro Civil) to ensure the validity of a suspicious document.
We will use non-documentary methods of verification when:
(1) the customer is unable to present an unexpired government-issued identification document with a photograph or other similar safeguard;
(2) the firm is unfamiliar with the documents the customer presents for identification verification;
(3) the customer and firm do not have face-to-face contact; and
(4) there are other circumstances that increase the risk that the firm will be unable to verify the true identity of the customer through documentary means.
We will verify the information within a reasonable time before or after the account is opened. Depending on the nature of the account and requested transactions, we may refuse to complete a transaction before we have verified the information, or in some instances when we need more time, we may, pending verification, restrict the types of transactions or dollar amount of transactions. If we find suspicious information that indicates possible money laundering, terrorist financing activity, or other suspicious activity, we will, after internal consultation with the firm’s AML Compliance Person, file a SAR (ROS) in accordance with applicable laws and regulations.
d. Lack of Verification
When we cannot form a reasonable belief that we know the true identity of a customer, we will not open an account; (2) close an account after attempts to verify a customer’s identity fail; and (3) determine whether it is necessary to file a SAR (ROS)in accordance with applicable laws and regulations.
We will document our verification, including all identifying information provided by a customer, the methods used and results of verification, and the resolution of any discrepancies identified in the verification process. We will keep records containing a description of any document that we relied on to verify a customer’s identity, noting the type of document, any identification number contained in the document, the place of issuance, and if any, the date of issuance and expiration date. With respect to non-documentary verification, we will retain documents that describe the methods and the results of any measures we took to verify the identity of a customer. We will also keep records containing a description of the resolution of each substantive discrepancy discovered when verifying the identifying information obtained. We will retain records of all identification information for five years after the account has been closed; we will retain records made about verification of the customer’s identity for five years after the record is made in accordance to Chilean Law.
f. Notice to Customers
We will provide notice to customers that the firm is requesting information from them to verify their identities, as required by law. We will in our website as well as a disclaimer by email provide notice to our customers:
Important Information About Procedures for Opening a New Ibitt Account
To help the government fight the funding of terrorism and money laundering activities, local law requires all institutions to obtain, verify, and record information that identifies each person who opens an account.
What this means for you: When you open an account, we will ask for your name, address, date of birth and other information that will allow us to identify you. We may also ask to see your driver’s license or other identifying documents.
6. Customer Due Diligence Rule
We do not open or maintain accounts for legal entity customers within the meaning of 31 CFR 1010.230. If in the future the firm elects to open accounts for legal entity customers, we will first establish, document and ensure the implementation of appropriate CDD procedures.
a. Conducting Ongoing Monitoring to Identify and Report Suspicious Transactions
We will conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, maintain and update customer information, including information regarding the beneficial ownership of legal entity customers, using the customer risk profile as a baseline against which customer activity is assessed for suspicious transaction reporting. Our suspicious activity monitoring procedures are detailed within Section 11 (Monitoring Accounts for Suspicious Activity).
7. Correspondent Accounts for Foreign Shell Banks
a. Detecting and Closing Correspondent Accounts of Foreign Shell Banks
We don’t allow any deposits from any bank from a different country where our operations are or will be established. We will identify foreign bank accounts and any such account that is a correspondent account (any account that is established for a foreign bank to receive deposits from, or to make payments or other disbursements on behalf of, the foreign bank, or to handle other financial transactions related to such foreign bank). Upon finding or suspecting such accounts, firm employees will notify the AML Compliance Person, who will terminate any verified correspondent account. We will also terminate any correspondent account that we have determined is not maintained by a foreign shell bank but is being used to provide services to such a shell bank. We will exercise caution regarding liquidating positions in such accounts and take reasonable steps to ensure that no new positions are established in these accounts during the termination period.
8. Due Diligence and Enhanced Due Diligence Requirements for Correspondent Accounts of Foreign Financial Institutions
a. Due Diligence for Correspondent Accounts of Foreign Financial Institutions
We do not have, nor do we intend to open or maintain, correspondent accounts for foreign financial institution.
b. Enhanced Due Diligence
In the event there are circumstances in which we cannot perform appropriate due diligence with respect to a correspondent account, we will determine, at a minimum, whether to refuse to open the account, suspend transaction activity, file a ROS, close the correspondent account and/or take other appropriate action.
Rule: 31 C.F.R. § 1010.610(d).
9. Due Diligence and Enhanced Due Diligence Requirements for Private Banking Accounts/Senior Foreign Political Figures
We do not open or maintain private banking accounts.
Rule: 31 C.F.R. § 1010.620.
Resources: Guidance on Enhanced Scrutiny for Transactions that May Involve the Proceeds of Foreign Official Corruption (1/1/2001); FIN-2008-G005: Guidance to Financial Institutions on Filing Suspicious Activity Reports regarding the Proceeds of Political Corruption (4/17/2008).
10. Compliance with Issuance of Special Measures Against Foreign Jurisdictions, Financial Institutions or International Transactions of Primary Money Laundering Concern
If the Central Bank of Chile, or any other regulatory entity of Chile or any regulatory agency and/or issues a final rule imposing a special measure against one or more foreign jurisdictions or financial institutions, classes of international transactions or types of accounts deeming them to be of primary money laundering concern, we understand that we must read the final rule and follow any prescriptions or prohibitions contained in that rule. For example, if the final rule deems a certain bank and its subsidiaries (Specified Banks) to be of primary money laundering concern, a special measure may be a prohibition from opening or maintaining a correspondent account from the Specified Banks. In that case, we will take the following steps:
(1) We will review our account records, including correspondent account records, to ensure that our accountholders maintain no accounts on the Specified Banks; and notify the corresponding account holder(s).
11. Monitoring Accounts for Suspicious Activity
We will monitor account activity for unusual size, volume, pattern or type of transactions, taking into account risk factors and red flags that are appropriate to our business. (Red flags are identified in Section 11.b. below.) Monitoring will be conducted through the following methods: a weekly report of all transactions will be held both in our servers and in hard copies for auditors/authorities to review transaction history.
The customer risk profile will serve as a baseline for assessing potentially suspicious activity. The AML Compliance Person or his or her designee in conjunction with the in-house counsel of the firm will be responsible for this monitoring, will review any activity that our monitoring system detects, will determine whether any additional steps are required, will document when and how this monitoring is carried out, and will report suspicious activities to the appropriate authorities.
We will conduct the following reviews of activity that our monitoring system detects: Amount equivalent in US Dollars or Chilean Pesos or any FIAT currency provided traded through Ibitt.co; Types of transactions (deposits, withdrawals, prepaid card deposits, etc); frequency of transactions. The AML Compliance Person or his or her designee will conduct an appropriate investigation and review relevant information from internal or third-party sources before a ROS is filed. Relevant information can include, but not be limited to, the following:
– Account Holder information
– Account holder wallets used
– Activity logs
– Current Account balances
a. Emergency Notification to Law Enforcement by Telephone
In situations involving violations that require immediate attention, such as terrorist financing or ongoing money laundering schemes, we will immediately call an appropriate law enforcement authority. If a customer or company appears on OFAC’s SDN list, we will call the UNIDAD DE ANALISIS FINANCIERO (UAF) Hotline at (+56 2 ) 2439 3000 Other contact numbers we will use are: PDI (Policia de Investigaciones de Chile) – Brigada Investigadora de Delitos Económicos Metropolitana (+562 2) Hotline (especially to report transactions relating to terrorist activity). If we notify the appropriate law enforcement authority of any such activity, we must still file a timely a ROS.
Rule: 31 C.F.R. § 1023.320.
Resources: OFAC web page; NTM 02-21; NTM 02-47; UAF Website.
b. Red Flags
Red flags that signal possible money laundering or terrorist financing include, but are not limited to:
Customers – Insufficient or Suspicious Information
• Provides unusual or suspicious identification documents that cannot be readily verified.
• Reluctant to provide complete information about nature and purpose of business, prior banking relationships, anticipated account activity, officers and directors or business location.
• Refuses to identify a legitimate source for funds or information is false, misleading or substantially incorrect.
• Background is questionable or differs from expectations based on business activities.
• Customer with no discernable reason for using the firm’s service.
Efforts to Avoid Reporting and Recordkeeping
• Reluctant to provide information needed to file reports or fails to proceed with transaction.
• Tries to persuade an employee not to file required reports or not to maintain required records.
• “Structures” deposits, withdrawals or purchase of monetary instruments below a certain amount to avoid reporting or recordkeeping requirements.
• Unusual concern with the firm’s compliance with government reporting requirements and firm’s AML policies.
Certain Funds Transfer Activities
• Wire transfers to/from financial secrecy havens or high-risk geographic location without an apparent business reason.
• Many small, incoming wire transfers or deposits made using checks and money orders. Almost immediately withdrawn or wired out in manner inconsistent with customer’s business or history. May indicate a Ponzi scheme.
• Wire activity that is unexplained, repetitive, unusually large or shows unusual patterns or with no apparent business purpose.
Activity Inconsistent With Business
• Transactions patterns show a sudden change inconsistent with normal activities.
• Unusual transfers of funds or journal entries among accounts without any apparent business purpose.
• Maintains multiple accounts, or maintains accounts in the names of family members or corporate entities with no apparent business or other purpose.
• Appears to be acting as an agent for an undisclosed principal, but is reluctant to provide information.
Other Suspicious Customer Activity
• Unexplained high level of account activity with very low levels of securities transactions.
• Funds deposits for purchase of a long-term investment followed shortly by a request to liquidate the position and transfer the proceeds out of the account.
• Law enforcement subpoenas.
• Large numbers of securities transactions across a number of jurisdictions.
• Buying and selling securities with no purpose or in unusual circumstances (e.g., churning at customer’s request).
• Payments to third-party without apparent connection to customer.
• No concern regarding the cost of transactions or fees (i.e., surrender fees, higher than necessary commissions, etc.).
c. Responding to Red Flags and Suspicious Activity
When an employee of the firm detects any red flag, or other activity that may be suspicious, he or she will notify the AML Compliance Person. Under the direction of the AML Compliance Person, the firm will determine whether or not and how to further investigate the matter. This may include gathering additional information internally or from third-party sources, contacting the government, freezing the account and/or filing a ROS.
12. Suspicious Transactions Reporting.
The ROS reporting system from the UAF (https://www.uaf.cl) provides a portal that Valltech’s AML Compliance person has access to. In Accordance to local regulations a monthly report has to be filed.
a. Filing a ROS
We will file a ROS for any transactions (including deposits and transfers) conducted or attempted by, at or through our firm involving $5,000 or more of funds or assets (either individually or in the aggregate) where we know, suspect or have reason to suspect:
(1) the transaction involves funds derived from illegal activity or is intended or conducted in order to hide or disguise funds or assets derived from illegal activity as part of a plan to violate or evade federal law or regulation or to avoid any transaction reporting requirement under federal law or regulation;
(2) the transaction is designed, whether through structuring or otherwise, to evade any requirements of the UAF regulations;
(3) the transaction has no business or apparent lawful purpose or is not the sort in which the customer would normally be expected to engage, and after examining the background, possible purpose of the transaction and other facts, we know of no reasonable explanation for the transaction; or
(4) the transaction involves the use of the firm to facilitate criminal activity.
We will also file a SAR and notify the appropriate law enforcement authority in situations involving violations that require immediate attention, such as terrorist financing or ongoing money laundering schemes. In addition, although we are not required to, we may contact PDI in cases where a SAR we have filed may require immediate attention by the authorities. See Section 11 for contact numbers. We also understand that, even if we notify a regulator of a violation, unless it is specifically covered by one of the exceptions in the ROS rule, we must file a ROS reporting the violation.
We may file a voluntary ROS for any suspicious transaction that we believe is relevant to the possible violation of any law or regulation but that is not required to be reported by us under the ROS rule. It is our policy that all ROS’s will be reported regularly to the Board of Directors and appropriate senior management, with a clear reminder of the need to maintain the confidentiality of the information.
We will report suspicious transactions by completing a ROS, and we will collect and maintain supporting documentation as required by law. We will file a ROS on a monthly basis as it is required by Chilean Law. In the cases where no relevant information we are required to send the ROS file empty and use the “no relevant information for this period” tag in the UAF ROS reporting system.
We will retain copies of any ROS filed and the original or business record equivalent of any supporting documentation for five years from the date of filing the ROS. We will identify and maintain supporting documentation and make such information available to authorities any other appropriate law enforcement agencies upon request.
We will not notify any person involved in the transaction that the transaction has been reported. We understand that anyone who is subpoenaed or required to disclose a ROS or the information contained in the ROS will, except where disclosure is requested by an appropriate law enforcement or regulatory agency.
Resources: Chilean Law: 19.913: 18.314
13. AML Recordkeeping
Our AML Compliance Person and his or her designee will be responsible for ensuring that AML records are maintained properly, and that ROSs are filed as required.
In addition, as part of our AML program, our firm will create and maintain ROSs, and relevant documentation on customer identity and verification (See Section 5 above) and funds transmittals. We will maintain ROSs and their accompanying documentation for at least five years. We will keep other documents according to local and international regulations and recommendations, including certain SEC rules that require six-year retention periods (e.g., Exchange Act Rule 17a-4(a) requiring firms to preserve for a period of not less than six years, all records required to be retained by Exchange Act Rule 17a-3(a)(1)-(3), (a)(5), and (a)(21)-(22) and Exchange Act Rule 17a-4(e)(5) requiring firms to retain for six years account record information required pursuant to Exchange Act Rule 17a-3(a)(17)).
Rules: 31 C.F.R. § 1010.430; Exchange Act Rule 17a-8 (requiring registered broker-dealers subject to the Currency and Foreign Transactions Reporting Act of 1970 to comply with the BSA regulations regarding reporting, recordkeeping and record retention requirements); FINRA Rule 3310.
b. ROS Maintenance and Confidentiality
We will hold ROSs and any supporting documentation confidential. We will not inform anyone outside of the UAF or other appropriate law enforcement or regulatory agency about a ROS. We will refuse any subpoena requests for ROSs or for information that would disclose that a ROS has been prepared or filed and immediately notify UAF of any such subpoena requests that we receive. See Section 11 for contact numbers. We will segregate ROS filings and copies of supporting documentation from other firm books and records to avoid disclosing ROS filings. Our AML Compliance Person will handle all subpoenas or other requests for ROSs.
15. Training Programs
We will develop ongoing employee training under the leadership of the AML Compliance Person and senior management. Our training will occur on at least an annual basis. It will be based on our firm’s size, its customer base, and its resources and be updated as necessary to reflect any new developments in the law.
Our training will include, at a minimum: (1) how to identify red flags and signs of money laundering that arise during the course of the employees’ duties; (2) what to do once the risk is identified (including how, when and to whom to escalate unusual customer activity or other red flags for analysis and, where appropriate, the filing of ROSs); (3) what employees’ roles are in the firm’s compliance efforts and how to perform them; (4) the firm’s record retention policy; and (5) the disciplinary consequences (including civil and criminal penalties) for non-compliance with the regulations and Chilean Law.
We will develop training in our firm, or contract for it. Delivery of the training may include educational pamphlets, videos, intranet systems, in-person lectures and explanatory memos. We will maintain records to show the persons trained, the dates of training and the subject matter of their training.
We will review our operations to see if certain employees, such as those in compliance, margin and corporate security, require specialized additional training. Our written procedures will be updated to reflect any such changes.
16. Program to Test AML Program
The testing of our AML program will be performed at least by Hernan Gamboa our In house Counsel and or any designee from the legal department of the firm, none of whom are the AML Compliance Person nor do they perform the AML functions being tested nor do they report to any such persons. Their qualifications include a working knowledge of applicable requirements under local law and its implementing regulations. To ensure that they remain independent, we will separate their functions from other AML activities.
Independent testing will be performed more frequently if circumstances warrant.
b. Evaluation and Reporting
After we have completed the independent testing, staff will report its findings to senior management. We will promptly address each of the resulting recommendations and keep a record of how each noted deficiency was resolved.
17. Monitoring Employee Conduct and Accounts
We will subject employee accounts to the same AML procedures as customer accounts, under the supervision of the AML Compliance Person. We will also review the AML performance of supervisors, as part of their annual performance review. The AML Compliance Person’s accounts will be reviewed by Hernan Gamboa our in house counsel.
18. Confidential Reporting of AML Non-Compliance
Employees will promptly report any potential violations of the firm’s AML compliance program to the AML Compliance Person, unless the violations implicate the AML Compliance Person, in which case the employee shall report to the Board of Directors of the firm. Such reports will be confidential, and the employee will suffer no retaliation for making them.
19. Additional Risk Areas
The firm has reviewed all areas of its business to identify potential money laundering risks that may not be covered in the procedures described above.
20. Senior Manager Approval
Senior management has approved this AML compliance program in writing as reasonably designed to achieve and monitor our firm’s ongoing compliance under Chilean Law and the implementing regulations under it. This approval is indicated by signatures below.