These are the rules of procedure for the prevention of money laundering and terrorist financing and compliance with international and EU sanctions. Established by the decision of the management board of Banger Network sp.z.o.o. (which operates under the brand name of Axishift), Registration Number 0001047671 (hereinafter Provider of Service) on 1st September 2024.
1.1. These rules of procedure for the prevention of money laundering and terrorist financing, and compliance with international sanctions (hereinafter Rules) establish requirements for screening Clients (as defined in section 2.8) and Transactions (as defined in section 2.7) to prevent entering into deals involving suspected Money Laundering and Terrorist Financing, and to ensure the identification and reporting of such.
1.2. The obligation to adhere to the Rules falls upon Management Board members and employees of the Provider of Service, including temporary staff and agents of the Provider of Service who initiate or establish a Business Relationship (as defined in section 2.6) (hereinafter collectively referred to as the Representative). Each Representative must confirm their awareness of the Rules with a signature.
1.3. The Rules are primarily based on the regulations of the Money Laundering and Terrorist Financing Prevention Act (hereinafter the Act) and DIRECTIVE (EU) 2018/843 (hereinafter 5TH AML Directive).
2.1. Money Laundering – refers to a series of activities involving property derived from criminal activity or property obtained instead of such property with the purpose to:
i. Conceal or disguise the true nature, source, location, disposition, movement, right of ownership, or other rights related to such property;
ii. Convert, transfer, acquire, possess, or use such property to conceal or disguise the illicit origin of property or to assist a person involved in criminal activity to evade legal consequences;
iii. Participate in, associate to commit, attempt to commit, and aid, abet, facilitate, or counsel the commission of any actions described in subsections 2.1.i and 2.1.ii.
2.2. Terrorist Financing – involves the provision or collection of funds, by any means, directly or indirectly, with the intention that they are used or knowing that they are to be used, in full or in part, to carry out any of the offences within the meaning of Articles 1 to 4 of Council Framework Decision 2002/475/JHA.
2.3. International Sanctions – comprise a list of non-military measures decided by the European Union, the United Nations, or another international organization aimed at maintaining or restoring peace, preventing conflicts, and reinforcing democracy, rule of law, human rights, international law, and other objectives of the common foreign and security policy of the European Union.
2.4. Compliance Officer or CO – is the representative appointed by the Management Board responsible for the effectiveness of the Rules, conducting compliance checks over adherence to the Rules, and serving as the contact person for the Financial Intelligence Unit (FIU).
2.5. FIU – refers to the Financial Intelligence Unit of any Member State of the European Union.
2.6. Business Relationship – refers to a relationship established by the Provider of Service in its economic and professional activities with a Client.
2.7. Transaction – includes cash flow, payment orders, or cryptocurrency transfers from a Client to the Provider of Service.
2.8. Client – a natural or legal person utilizing the services of the Provider of Service.
2.9. Beneficial Owner – is a natural person who:
i. Takes advantage of their influence to control a transaction, operation, or another person and in whose interests a transaction is performed;
ii. Ultimately owns or controls a legal person through direct or indirect ownership of a sufficient percentage of shares or voting rights, including through bearer shareholdings or control via other means. Direct ownership involves holding at least 25 percent plus one share or ownership interest, while indirect ownership involves control through companies under the same natural person’s influence.
iii. Holds a senior management position, if the person specified in clause ii cannot be identified after all possible means of identification have been exhausted.
iv. In the case of a trust, civil law partnership, community, or legal arrangement, the beneficial owner is the natural person who ultimately controls the association through direct or indirect ownership or otherwise and is the settlor, trustee, or manager of the property.
2.10. Politically Exposed Person or PEP – is a natural person entrusted with prominent public functions such as a head of state, head of government, minister, or other high-ranking officials. The provisions also apply to positions in the European Union and other international organizations.
2.10.1. A family member of a PEP includes the spouse, child, or parent of a politically exposed person.
2.10.2. A close associate of a PEP includes a person known to be the beneficial owner or to have joint beneficial ownership of a legal entity or arrangement with a PEP.
2.11. Local Politically Exposed Person or Local PEP – a natural person who performs or has performed prominent public functions in a contracting state of the European Economic Area, European Free Trade Area, or in an institution of the European Union.
2.12. Equivalent Third Country – refers to a country outside the European Economic Area applying an equivalent regime to the EU’s anti-money laundering (AML) framework.
2.13. Virtual Currency – refers to value represented in digital form, which is digitally transferable, preservable, or tradable and accepted as a payment instrument but not legal tender of any country or funds under Directive (EU) 2015/2366.
3.1. The Provider of Service offers the exchange of virtual currency against fiat currency and vice versa.
3.2. The Provider of Service is subject to authorization by the FIU.
4.1. The MB shall appoint a CO whose principal tasks are to:
4.1.1. Monitor the compliance of the Rules with the relevant laws and compliance of the activity of the Representatives with the procedures established by the Rules.
4.1.2. Compile and keep updated the data regarding countries with low tax risk, high and low risk of Money Laundering and Terrorist Financing, and economic activities with great exposure to Money Laundering and Terrorist Financing.
4.1.3. Carry out training, instruct, and update the Representatives on matters pertaining to procedures for the prevention of Money Laundering and Terrorist Financing.
4.1.4. Report to the MB once a year (or more frequently, if necessary) on compliance with the Rules and on Transactions with suspicion of Money Laundering or Terrorist Financing.
4.1.5. Collect, process, and analyze the data received from the Representatives or Clients concerning suspicious and unusual activities.
4.1.6. Collaborate with and report to the FIU on events of suspected Money Laundering or Terrorist Financing and respond to inquiries of the FIU.
4.1.7. Make proposals on remedying any deficiencies identified in the course of checks.
4.2. The CO must meet all the requirements prescribed by the Act, and the appointment of the CO shall be coordinated with the FIU. If, as a result of a background check carried out by the FIU, it becomes evident that the CO’s credibility is under suspicion due to their previous acts or omissions, the Provider of service may extraordinarily terminate the CO’s employment contract due to the loss of credibility.
4.3. Tasks of the CO can be performed by a department; therefore, provisions of section 4.2 will apply accordingly.
5.1. The Provider of service shall determine and take due diligence (hereinafter DD) measures using results of conducted risk assessment (see Section 11), and provisions of national risk assessment, published on official channels of the European Banking Authority, Europol, and according to the 4TH AML Directive.
5.2. The Representatives shall pay special attention to the activities of Clients participating in a Transaction and to circumstances that refer to Money Laundering or Terrorist Financing, including complex, high-value, or unusual Transactions which do not have any reasonable economic purpose.
5.3. Depending on the level of risk of the Client and/or Transaction and depending on whether the Business Relationship is an existing one or about to be established, the Provider of service shall apply either normal DD measures (see Section 6), simplified DD measures (see Section 9), or enhanced DD measures (see Section 10). The Provider of service shall also apply continuous DD measures to ensure ongoing monitoring of Business Relationships (see Sections 5.7-5.10).
5.4. DD measures shall include the following procedures:
i. Identifying the Client and verifying its identity using reliable, independent sources, documents, or data, including e-identifying.
ii. Identifying and verifying the representative of the Client and the right of representation.
iii. Identifying the Client’s Beneficial Owner.
iv. Assessing and, as appropriate, obtaining information on the purpose of the Business Relationship and the Transaction.
v. Conducting ongoing DD on the Client’s business to ensure the Transactions being carried out are consistent with the Provider of the service’s knowledge of the Client and its source of funds.
vi. Obtaining information whether the Client is a PEP or PEP’s family member or PEP’s close associate. If the client is identified to belong to any of these categories, they are denied service.
5.5. The Provider of service shall establish the source of wealth of the Client, where appropriate.
5.6. To comply with the DD obligation, the Representatives shall have the right and obligation to:
i. Request appropriate identity documents to identify the Client and its representatives.
ii. Request documents and information regarding the activities of the Client and legal origin of funds.
iii. Request information about Beneficial Owners of a legal person.
iv. Screen the risk profile of the Client/Transaction, select the appropriate DD measures, assess the risk whether the Client or another person linked with the Transaction is or may become involved in Money Laundering or Terrorist Financing.
v. Re-identify the Client or the representative of the Client if there are any doubts regarding the correctness of the information received in the course of initial identification.
vi. Refuse to participate in or carry out the Transaction if there is any suspicion that the Transaction is linked with Money Laundering or Terrorist Financing, or that the Client or another person linked with the Transaction is or could be involved in Money Laundering or Terrorist Financing.
5.7. The objective of the continuously applied DD measures is to ensure ongoing monitoring of Clients and Transactions. Conducting ongoing monitoring of the Business Relationship includes:
i. Scrutiny of Transactions being carried out to ensure that the Transactions being conducted are consistent with the Provider of the service’s knowledge of the Client, the business, and risk profile of the Client.
ii. Obtaining information on the source of funds for Transactions.
iii. Keeping up-to-date the documents, data, or information obtained during taking DD measures.
iv. Paying particular attention to Transactions and Client’s conduct leading to criminal activity or Money Laundering or Terrorist Financing, and clarifying the nature, reasons, and background of Transactions.
v. Paying particular attention to the Business Relationship or Transactions if the Client is from or the seat of a Client being a legal person is located in a third country, which is included in the list of risk countries.
5.8. Annual review of a Client being a legal entity is carried out regularly once a year. Updated data shall be recorded in the Provider of the service’s Client database.
5.9. The Representative updates the data of a Client, who is either a legal person or a natural person, i.e., takes appropriate DD measures every time when:
i. The Client addresses the Provider of service with the request to amend a long-term contract during the term of its validity.
ii. Upon identification and verification of the information, there is reason to suspect that the documents or data gathered earlier are insufficient, have changed, or are incorrect. In this case, the Representative may conduct a face-to-face meeting with the Client.
iii. The data pertaining to the Transactions of Client reveal significant changes in the Client’s area of activity or business volumes, which warrants amending the Client’s risk profile.
iv. The Provider of service has learned through third persons or the media that the activities or data of the Client have changed significantly.
5.10. The Representative shall evaluate the substance and the purpose of the Client’s activities to establish the possible links of the respective Transaction with Money Laundering or Terrorist Financing. The evaluation should result in an understanding of the purpose of the Business Relationship for the Client, the nature of the Client’s business, the risk levels of the Client, and, if necessary, the sources of funds related to Transactions.
5.11. At Axishift, we value the security and understanding of our services for all our clients. As part of our commitment, we have implemented an Enhanced Due Diligence Process (EDDP) for clients who are 70 years old (SEVENTY) or above. The EDDP is designed to ensure that these clients fully comprehend our services and are equipped with the necessary knowledge to engage with our crypto exchange platform. Once identified as a client falling within this age range, a courteous and polite member of our Axishift AML team will initiate the EDDP. They will reach out to the client via a phone call to introduce themselves and verify the client’s registration for our services. During the call, our AML agent will explain in detail the nature of our services, ensuring the client comprehends their purpose and functionality. Our agent will also address any questions the client may have, providing comprehensive answers and clarification.
Upon completion of the call, our AML agent will evaluate whether the client demonstrates a full understanding of their registration and our crypto exchange services. If the client exhibits a lack of awareness or understanding, they will be disqualified from proceeding further, and the disqualification as an Axishift client will happen with immediate effect. However, we will provide them with supplementary reading materials and informative videos to enhance their knowledge and educate themselves further in relation to cryptocurrencies, trading cryptocurrencies, what the block exchange is, as well as a host of other subjects related to the services we offer.
In the event of a client failing the EDDP, they may reapply as an Axishift client after a period of 6 (SIX) weeks from the date of disqualification. This waiting period allows the client time to familiarize themselves with the provided materials and seek additional education to meet the requirements of the EDDP.
Axishift remains committed to the safety, transparency, and satisfaction of all our clients, including those who are 70 years old (SEVENTY) or above. We appreciate your cooperation in this process as we strive to maintain a secure and informed client base.
6.1. The Provider of service shall conduct normal DD in the following cases:
i. Upon establishing a new Business Relationship.
ii. If during one year the value of a single Transaction exceeds EUR 15,000, regardless of whether the financial obligation is performed in one payment or in a series of related payments.
iii. In the event of insufficiency or suspected incorrectness of the documents or information gathered previously in the course of carrying out DD measures.
iv. Upon suspicion of Money Laundering or Terrorist Financing.
6.2. In the course of conducting normal DD measures, the Representative shall apply the measures of DD as provided for in section 5.4.
6.3. The Representatives shall carry out DD measures in case of a Transaction of any Client if there is any suspicion that the Transaction might involve Money Laundering or Terrorist Financing.
6.4. The Provider of service shall, where appropriate, use e-identification as part of normal DD measures to identify and verify the identity of the Client.
6.5. The Provider of service shall not enter into Business Relationships with anonymous Clients.
7.1. When implementing due diligence measures, the following individuals must be identified:
i. Client – an individual or legal entity;
ii. Representative of the Client – a person authorized to act on behalf of the Client;
iii. Beneficial Owner of the Client;
iv. PEP – if the PEP is the Client or associated with the Client (see Section 2.10). Service will be denied if the Client is identified as a PEP or closely associated with a PEP.
7.2. When establishing a relationship with the Client or during a Transaction, AxisShift shall identify and verify the Client either in person or using information technology.
7.3. For Client identification and verification using information technology, AxisShift shall use:
7.3.1. A document issued by an EU Member State for digital identification purposes;
7.3.2. Another electronic identification system as defined by REGULATION (EU) 910/20142. For foreign nationals, an identity document issued by the relevant authority of the foreign country will also be used.
7.4. When identifying a Client and verifying their identity via information technology, AxisShift shall additionally obtain data from reliable and independent sources, such as identity document databases.
7.5. Identification of a natural person Client and a representative of a legal person Client:
The termination of a long-term or indefinite contract must include AxisShift’s right to terminate the contract immediately if the Client fails to provide requested identification or verification documents in a timely manner.
7.5.1. Upon establishing a Business Relationship, identification should be done in person or via information technology.
7.5.2. The identity of a natural person Client, or a representative of a legal person Client, must be verified each time a Transaction is carried out.
7.5.3. Follow the Rules regarding acceptable identification documents and their requirements (see Section 7.10). If original documents are not obtainable, request certified or notarized documents or use data from other reliable sources, ensuring information is obtained from at least two different sources.
7.5.4. Verify whether the person is a PEP (see Section 7.9).
7.5.5. A new Client, or if necessary, an existing Client, must confirm the accuracy of submitted information and data by signing the Client data registration sheet (see Form 1).
7.6. Identification of a legal person Client:
7.6.1. To identify a legal person Client, the Representative must:
i. Verify information concerning the legal person using relevant electronic databases (dependent on the Member State of operation);
ii. If original documents are not obtainable, request certified or notarized documents, or use data from other reliable sources (including electronic identification), ensuring information is obtained from at least two sources;
iii. Request identity documents and a notarized power of attorney from the representative of a foreign legal person, with appropriate legalization or authentication;
iv. Check whether the legal person is linked to a PEP (see Section 7.9);
v. If the Client’s legal person is based in a high-risk third country, report this to the Compliance Officer (CO), who will decide on additional measures for identification and background checks.
7.6.2. The document presented for identifying a legal person must include:
i. Business name, registry code, date of registration, and address;
ii. Names and authorizations of members of the Management Board or the head of the branch or other relevant body.
7.6.3. A legal representative of a new Client (as required) must confirm the accuracy of submitted information by signing the Client data registration sheet (see Form 1).
7.7. Consequences of Insufficient Identification:
7.7.1. If identification is found to be insufficient, the Representative must:
i. Immediately apply enhanced due diligence measures according to the Rules;
ii. Notify the CO of the failure to implement normal due diligence in a timely manner;
iii. Assess the Client’s risk profile, postpone the suspicious Transaction, and inform CO and/or Management Board (MB) as per Section 13.3.
7.8. Identification of the Beneficial Owner:
7.8.1. Identifying and assessing the Beneficial Owner(s) of a legal person is mandatory.
7.8.2. No need to identify the Beneficial Owners of a Client/company whose securities are traded on a regulated market.
7.8.3. To establish the Beneficial Owner, the Representative must:
i. Collect information about the ownership and control structure of the Client from pre-contractual negotiations or other reliable sources;
ii. Apply the principle of proportionality if no single person holds significant control (at least 25% interest), asking about persons who control the legal person or exercise dominant influence;
iii. If documents do not clearly identify Beneficial Owners, record relevant information based on statements from the representative or written documentation;
iv. Verify information through relevant registers or request appropriate documents, such as annual reports;
v. If no natural person is identifiable as the ultimate owner or controller, senior managing officials may be considered the Beneficial Owners;
vi. Pay attention to companies established in low tax rate regions.
7.8.4. When establishing the Beneficial Owner, rely on written information from credit institutions registered in the EU or EEA or equivalent third countries.
7.9. Identification of Politically Exposed Persons (PEPs):
7.9.1. To determine if a person is a PEP, the Representative shall:
i. Request necessary information from the Client;
ii. Check data on relevant supervisory authorities’ websites or institutions in the Client’s country.
iii. Use third-party software to facilitate PEP identification.
7.9.2. AxisShift will not engage in Business Relationships with clients identified as PEPs or those closely connected with PEPs.
7.10. Documents for Identification:
7.10.1. For natural persons and their representatives, acceptable documents include:
i. Personal ID card (ID card, e-resident card, residence permit);
ii. Passport or diplomatic passport;
iii. Foreign travel document;
iv. Driving license (if it includes name, photo, signature, and personal code or date of birth).
7.10.2. The Representative must copy the page of the identity document containing personal data and photo.
7.10.3. Besides the identity document, the representative must provide a document certifying the right of representation.
7.10.4. For legal persons, identification is based on:
i. An extract from the commercial register in the EU or a foreign company branch in the EU;
ii. An extract from the relevant register or a transcript of the registration certificate from a competent authority, issued within six months before submission.
7.10.5. If no original documents are used, the Representative must verify data using at least two reliable sources.
7.11. For a natural person Client, record the following data:
i. Name of the Client;
ii. Personal identification code (or date and place of birth and residence if not available);
iii. Information on identification and verification of representation rights, including document name, issue date, and issuing party if not law-based.
7.12. For a legal person Client, record:
i. Name of the Client;
ii. Registry code (or registration number and date);
iii. Names and authorizations of Management Board members or other relevant body heads;
iv. Telecommunications numbers.
8.1. To prevent the movement of illicit funds, AxisShift must establish the business profile of the Client upon entering into a Business Relationship, mapping main operations and payment practices, and noting transactional relationships and locations.
8.2. Recognize that what might be unusual for one Client may be normal for another. Understanding the Client’s activity area helps assess if Business Relationships or Transactions align with the Client’s usual commercial activities and economic reasons.
8.3. To screen out suspicious Transactions and understand their purpose, the Representative must:
i. Request additional information about the Client’s professional or economic activities if necessary;
ii. Seek explanations for Transactions and, if needed, documentation of asset origins and source of wealth;
iii. Be particularly attentive to Transactions linked with entities from high-risk states or those with inadequate information-sharing practices.
Prohibition of Mixers and Tumblers
8.4.1. AxisShift is dedicated to preventing money laundering and illicit activities. Use of Mixers and Tumblers is strictly prohibited.
8.4.2. Users are prohibited from using Mixers and Tumblers with their AxisShift wallets or transactions. Any wallet associated with such activities will result in immediate action, including account blacklisting.
8.4.3. AxisShift reserves the right to blacklist accounts involved in Mixer or Tumbler activities. Blacklisted users will be restricted from accessing our services.
8.4.4. If suspected of Mixer or Tumbler usage, AxisShift may request additional information about the transactions, including details on the origin, purpose, and involved parties.
8.4.5. Suspicious accounts may be monitored, including enhanced due diligence procedures, until compliance with AML policies is confirmed.
8.4.6. AxisShift’s prohibition aligns with local and international AML laws. Users must comply, or face potential legal consequences.
9.1. Simplified due diligence may be applied if the Client is:
i. A company listed on a regulated market with disclosure requirements consistent with EU law;
ii. A legal person governed by public law in an EU Member State;
iii. A governmental authority or public function authority in the EU or EEA;
iv. An authority of the European Union;
v. A credit or financial institution located in the EEA or a third country with equivalent requirements and state supervision.
9.2. Simplified due diligence can be applied if:
i. The Client is identifiable via publicly available information and resides in a low-risk jurisdiction;
ii. The Transaction or Business Relationship poses low AML/CFT risks.
9.3. Despite simplified measures, AxisShift retains the right to apply enhanced due diligence measures if necessary.
10.1. Enhanced Due Diligence (EDD) measures are required when the risk level associated with a Client or Transaction is elevated. This includes, but is not limited to, European Union cross-border Transactions, Transactions where the Client appears to have no clear purpose or connection to the Transaction, and similar scenarios.
10.2. The Representative must establish and continually assess the Client’s risk profile and determine their risk category according to the Rules (see Section 11). This risk category may be adjusted based on updated information. The risk profile must be reassessed before each Transaction exceeding €15,000, and appropriate EDD measures must be applied.
10.3. When the Representative detects any of the following high-risk characteristics in a Client during the initiation of a Business Relationship or Transaction, they must consult with and report to the Compliance Officer (CO) and apply the due diligence measures as outlined in the Rules:
10.4. Enhanced Due Diligence measures must be applied in the following situations:
10.4.1. When there is suspicion regarding the accuracy of the provided information or the authenticity of the identification documents related to the Client or its Beneficial Owners;
10.4.2. When the Client, or the location of a legal person Client, is situated in a third country listed as high-risk;
10.4.3. In cases of unusually large Transactions or Transaction patterns lacking a clear economic or lawful purpose;
10.4.4. For companies with nominee shareholders or shares in bearer form;
10.4.5. In situations identified as having a higher risk of Money Laundering and Terrorist Financing as described in Sections 10.1 and 10.3.
10.5. Enhanced Due Diligence measures must include, at a minimum, one of the following additional measures beyond the normal due diligence requirements established in Section 5.4:
10.5.1. Identification and verification of the Client using additional documents, data, or information from reliable and independent sources;
10.5.2. Conducting Client identification and verification in person;
10.5.3. Requesting notarization or official authentication of the identification or verification documents;
10.5.4. Obtaining and verifying additional information about the purpose and nature of the Business Relationship and Transactions from a reliable and independent source;
10.5.5. Gathering further details on the source of funds for Transactions;
10.5.6. Accepting the first payment related to a Transaction through an account held in the Client’s name at a credit institution located in a contracting state of the European Economic Area or an equivalent third country;
10.5.7. Reassessing the Client’s risk profile no later than 6 months after the initiation of the Business Relationship.
10.6. Following the implementation of Enhanced Due Diligence measures, the Management Board (MB) will decide whether to proceed with establishing or continuing the Business Relationship with the Client under enhanced scrutiny.
11.1. The Representative will establish a risk profile for a Client based on the information gathered according to the AxisShift Rules.
11.2. AxisShift categorizes risk into the following categories:
i. Normal risk (the risk level is standard, with no high-risk characteristics identified);
ii. High risk, which is further divided into High Risk I and High Risk II.
11.3. For any Client not classified as “normal risk,” the Representative must record the Client’s risk category in AxisShift’s Client database and documents as “High Risk I” or “High Risk II.” Only the Compliance Officer (CO) has the authority to modify the recorded risk category.
11.4. Assessment of Risk Profile for Natural Persons
11.4.1. When determining the risk category for a natural person Client, factors such as the Client’s country of residence, transaction beneficiaries, operating region, and status as a Politically Exposed Person (PEP) will be considered.
11.4.2. If multiple characteristics of “High Risk I” are present or if any “High Risk II” characteristics are identified in addition to “High Risk I” traits, the Client will be classified as “High Risk II.”
11.4.3. Characteristics of high risk for natural persons and appropriate due diligence measures are outlined as follow:
a. For a Client who is not the actual beneficiary of the Transaction, establish the actual beneficiary based on the Client’s statements and check the information from all available sources (e.g. internet search).
b. For a Client seeking a Transaction that is not in line with their normal activities and/or social standing, request additional information about the purpose of establishing the Business Relationship and their economic activities, along with documents proving the legal origin of their assets.
c. For a Client whose actual place of residence, employment, or business is in a risk country, or who is an official citizen/resident of such a country, request additional information about the purpose of establishing the Business Relationship and their economic activities, as well as their links with the said foreign state.
d. For a Client associated with a PEP, the decision is taken by the MB.
e. For a local PEP Client, service is denied.
f. For a Client associated with a PEP, service is denied.
a. For a Client who is a PEP or a person associated with them, service is denied.
b. For a Transaction where the actual Beneficial Owner is a PEP, service is denied.
c. For a Client suspected to be or to have been linked with a financial offense or other suspicious activities, check information about International Sanctions or seek guidance from the CO and request additional information and documents proving the legal origin of their assets.
d. For a non-resident Client whose residence or activities are in a risk country, request additional identification documents, verify this data against previously presented documents and information, and compare and validate the data against reliable and independent sources.
10.5. Enhanced Due Diligence measures must include, at a minimum, one of the following additional measures beyond the normal due diligence requirements established in Section 5.4:
10.5.1. Identification and verification of the Client using additional documents, data, or information from reliable and independent sources;
10.5.2. Conducting Client identification and verification in person;
10.5.3. Requesting notarization or official authentication of the identification or verification documents;
a. For a Client who is a legal person registered in the European Economic Area or Switzerland and is associated with enhanced money-laundering risk, request additional identification documents, verify this data against previously presented documents and information, and request additional documents concerning the substance of the Transaction.
b. For a Client seeking a Transaction that does not match their normal economic activities, request additional information about the purpose of establishing the Business Relationship and documents proving the legal origin of their assets.
c. For a Client situated in a risk country, request additional information about their links with the said foreign state and the purpose of establishing the Business Relationship.
d. For a nonprofit association, trust, civil law partnership, or other contractual legal arrangement with insufficient legal regulation, check the authenticity of the presented documents, verify the accuracy of the data, and request additional information and documents proving the legal origin of their assets.
e. For a Client whose representative or Beneficial Owner is a local PEP or their family member, service is denied.
a. For a Client whose representative or Beneficial Owner is a PEP or their family member, deny service.
b. For a Client suspected to be or to have been linked with a financial offense or other suspicious activities, check information about International Sanctions or seek guidance from the CO and request additional information and documents proving the legal origin of their assets.
c. For a legal person registered outside the European Economic Area with a high risk of Money Laundering, operating outside its registered location, or in a low tax rate country, request additional information about their links with the said foreign state and the purpose of establishing the Business Relationship, and verify and compare the submitted data against reliable and independent sources, if possible.
10.5.4. Obtaining and verifying additional information about the purpose and nature of the Business Relationship and Transactions from a reliable and independent source;
10.5.5. Gathering further details on the source of funds for Transactions;
10.5.6. Accepting the first payment related to a Transaction through an account held in the Client’s name at a credit institution located in a contracting state of the European Economic Area or an equivalent third country;
10.5.7. Reassessing the Client’s risk profile no later than 6 months after the initiation of the Business Relationship.
10.6. Following the implementation of Enhanced Due Diligence measures, the Management Board (MB) will decide whether to proceed with establishing or continuing the Business Relationship with the Client under enhanced scrutiny.
11.1. The Representative will establish a risk profile for a Client based on the information gathered according to the AxisShift Rules.
11.2. AxisShift categorizes risk into the following categories:
i. Normal risk (the risk level is standard, with no high-risk characteristics identified);
ii. High risk, which is further divided into High Risk I and High Risk II.
11.3. For any Client not classified as “normal risk,” the Representative must record the Client’s risk category in AxisShift’s Client database and documents as “High Risk I” or “High Risk II.” Only the Compliance Officer (CO) has the authority to modify the recorded risk category.
11.4. Assessment of Risk Profile for Natural Persons
11.4.1. When determining the risk category for a natural person Client, factors such as the Client’s country of residence, transaction beneficiaries, operating region, and status as a Politically Exposed Person (PEP) will be considered.
11.4.2. If multiple characteristics of “High Risk I” are present or if any “High Risk II” characteristics are identified in addition to “High Risk I” traits, the Client will be classified as “High Risk II.”
11.4.3. Characteristics of high risk for natural persons and appropriate due diligence measures are outlined in Table 1 (to be provided later).
11.5. Assessment of Risk Profile for Legal Persons
11.5.1. For legal persons, the risk assessment will consider factors such as the country of location, business activities, transparency of ownership structure, and management.
11.5.2. If multiple characteristics of “High Risk I” are present or if “High Risk II” characteristics are identified in addition to “High Risk I” traits, the Client will be classified as “High Risk II.”
11.5.3. Characteristics of high risk for legal persons and appropriate due diligence measures are outlined in Table 2 (to be provided later).
11.6. Due diligence measures may be combined as necessary to address listed or unlisted risks.
11.7. Identification and Management of Technology and Service Risks
11.7.1. AxisShift employs secure technological solutions and implements physical and personal security measures:
Technological Solution: Open source freeware products (audited by the community).
Physical Measures: Cloud-based solutions (e.g., Amazon, Azure), secure key storage managed by the CTO.
Personal Measures: Full-time developers with signed NDAs; special procedures will be developed.
11.7.2. AxisShift uses specialized technical solutions to ensure service security and maintain transaction history:
Special Technical Solution: Modular system for isolation, encrypted communication among modules, and separate key management service. – Automated module intrusion detection.
11.7.3. Authorization and account security measures include:
Standard SSL traffic and session encryption.
User-level authentication.
Two-factor authentication.
Private data encryption using public-private key encryption.
Modular system approach.
Enforced two-factor authentication.
Data encryption and separate key storage.
11.7.4. In the event of a technological breach, AxisShift will:
Require multiple compromised services due to the modular approach.
Use isolated log services for monitoring, analysis, and intrusion detection.
Rotate and back up logs on a separate encrypted module.
Employ a firewall for load balancing and DDoS protection.
11.7.5. There are no limits on the amount of virtual currency types; system limits apply based on verification level and procedure. Capital is partly held in hot wallets, with the remainder in remote/cold storage.
11.7.6. The service provider is responsible for security, with the support team monitoring, identifying threats, and reporting to the Management Board (MB).
11.7.7. AxisShift systematically assesses whether additional security measures are needed.
11.8. Suspicious and Unusual Transactions
11.8.1. The Representative will determine if a Transaction is unusual based on all available Client and Transaction information. Suspicious Transactions or activities lacking a clear economic or legal purpose must be analyzed for indications of Money Laundering or Terrorist Financing.
11.8.2. Transactions lacking a clear economic reason or normal activity, especially if they are large (EUR 15,000 or more) or involve third parties making payments, will be considered suspicious.
11.8.3. Any suspicious or unusual Transactions will require the Client to provide an explanation and documentation proving the legal origin of the funds.
11.8.4. The Representative must investigate all suspicious or unusual cases thoroughly, recording all relevant details.
11.8.5. Key aspects to address in suspicious Transaction analysis include:
i. Identifying the suspicious activity and any recurrent indications.
ii. Ensuring all procedures for Client identification have been followed.
iii. Confirming all required information was obtained, and seeking additional clarification if needed.
11.9. Prohibited Transactions
Transactions exhibiting any of the following characteristics may proceed only with MB consent:
i. Insufficient or unclear authorizations.
ii. Unjustified need for the Transaction.
iii. Unclear or overly complex Client management and control structures.
iv. Non-transparent economic activities or accounting practices.
v. Potentially fictitious entities.
vi. Unestablished Beneficial Owners.
vii. Unclear representation or authorization.
viii. Refusal to provide necessary information.
ix. Insufficient proof of legal asset origin.
x. Links to organized crime or Money Laundering.
xi. Connections to traditional crime sources.
xii. Subject to international sanctions.
xiii. Nominee shareholders or bearer shares.
12.1. The Representative will ensure that Client and Transaction data are recorded in AxisShift’s Client database as required.
12.2. Client Data Registration (Natural Persons)
12.2.1. Data to be recorded includes:
i. Name, ID code or date of birth, and address.
ii. Identification document details.
iii. Occupation and status.
iv. Public function status and family associations.
v. Citizenship and tax residency.
vi. Asset origin.
12.2.2. For representatives, record:
i. Identification details.
ii. Document used for establishing representation.
12.2.3. Data from digital ID cards or e-identification systems will be saved automatically; face-to-face meetings will involve recording document details.
12.3. Client Data Registration (Legal Persons)
12.3.1. Data to be recorded includes:
i. Name, legal form, registry code, address, registration date, and activity locations.
ii. Communication details and contact person(s).
iii. Beneficial Owner information.
iv. Fields of activity.
v. Identification document details.
vi. Tax residency and VAT number.
vii. Registration date in AxisShift’s database.
viii. Purpose of the Business Relationship.
ix. Asset origin.
x. Expected Transactions, amounts, and regions.
12.3.2. Beneficial Owner information includes:
i. Name, ID code or date of birth, and residence.
ii. Type of control.
iii. Representative details.
12.3.3. Digital ID data will be saved automatically; face-to-face meetings will involve recording document details.
12.3.4. Legal representative information from the B-card will be recorded.
12.3.5. Transaction information includes:
i. Date and description of the Transaction.
ii. Securities details if applicable.
iii. Other relevant information.
12.4. Additional Data Recording
12.4.1. Record decisions to refuse or terminate Business Relationships or Transactions due to due diligence measures.
12.4.2. Document issues in taking due diligence measures due to technology constraints.
12.5. Data Storage
12.5.1. Data is stored in written or reproducible format and accessible to relevant staff.
12.5.2. Transaction information reported to the FIU is stored by the CO and accessible only to the MB.
12.5.3. Identification and Business Relationship documents are stored for at least five years post-termination.
12.5.4. Transaction and reporting documents are stored for at least five years.
12.5.5. Digital identification data, electronic queries, and recordings are stored for at least five years.
12.5.6. Additional information stored includes:
i. Submission or update details.
ii. Representative’s name and position.
13.1. Notification of the CO
13.1.1. Any circumstances identified in the Business Relationship that are unusual or suspicious or that indicate Money Laundering, Terrorist Financing, or an attempt thereof, the Representative shall promptly notify the CO.
13.1.2. The CO shall analyze and forward the respective information to the MB.
13.2. Notification of FIU
13.2.1. Before reporting any Transaction connected with suspected Money Laundering or Terrorist Financing to the relevant Member State FIU, the CO shall analyze the content of the information received, considering the Client’s current area of activity, payment practice, and other known information.
13.2.2. The CO shall decide whether to forward the information to the FIU, and the MB shall decide whether to postpone the Transaction and/or terminate the Business Relationship. If postponing a Transaction could cause substantial harm to the parties, the Transaction shall be carried out, and the FIU shall be notified thereafter.
13.2.3. The CO shall make a notation “AML” behind the name of the Client in Axishift’s Client database or on the documents, and shall notify the FIU of the Transaction promptly, but no later than within 2 business days after discovering any activities or circumstances or arising of suspicion, using the respective web-form for notifying the FIU. Copies of the documents as set forth by guidelines of FIU or further requested by FIU shall be appended to the notice.
13.2.4. The FIU shall be notified of any suspicious and unusual Transactions, including those where the financial obligation exceeds 32,000 euros or an equivalent amount in another currency, regardless of whether the Transaction is made in a single payment or several related payments.
13.2.5. If there is a notation “AML” made in the Client’s records, Transactions can be carried out only subject to the prior consent of the MB.
13.2.6. The CO shall store in a format reproducible in writing any reports received from the Representatives about suspicious and unusual Transactions, as well as all information gathered to analyze such notices, and other linked documents and notices to be forwarded to the FIU, along with the time of forwarding the notice and the information about the Representatives who forwarded the same.
13.2.7. The Client or the person participating in the Transaction (including their representative and other connected persons) who is reported to the FIU as being suspicious, may not be informed of the same.
13.2.8. It is also prohibited to inform any third persons, including other Representatives, of the fact that information has been reported to the FIU, and the content of the reported information, except for the MB/CO.
13.3. Termination of the Business Relationship with a Client and Cancelling a Transaction in the Event of Suspected Money Laundering and Terrorist Financing
13.3.1. Pursuant to law, Axishift is obliged to extraordinarily and unilaterally terminate the Business Relationship and cancel all Transactions with the Client, without observing the advance notification period, if:
i. The Client fails to present upon identification or upon updating the previously gathered data or the taking of DD measures, true, full, and accurate information, or
ii. The Client or a person associated with the Client does not present data and documents evidencing the lawfulness of the economic activities of the Client, or the legal origin of the funds used in the Transaction, or
iii. The Client uses fictitious persons to carry out the Transaction, or
iv. Axishift suspects for any other reasons that the Client or the person associated with the Client is involved in Money Laundering or Terrorist Financing, or
v. The documents and data submitted by the Client do not dispel Axishift’s suspicions about the Client’s possible links with Money Laundering or Terrorist Financing.
13.3.2. The decision on terminating the Business Relationship and the activity of carrying out the Transactions shall be taken by the Management Board, considering also the proposal of the CO.
13.3.3. The Client shall be notified of the termination of Business Relationship and cancellation of Transactions in writing, provided that it is consistent with Section 13.2.7. Notation about the cancellation of the Business Relationship shall be made in Axishift’s Client database or documentation, and a note “AML” shall be added to the Client’s data, provided that it is consistent with Section 13.2.8.
13.4. Indemnification of the Representatives
13.4.1. Axishift and its Representatives shall not, upon the performance of the obligations arising from the Rules, be liable for damage arising from failure to carry out a Transaction (by the due date) if the damage was caused to the persons participating in the Transaction made in economic or professional activities in connection with the notification of the FIU of the suspicion of Money Laundering or Terrorist Financing in good faith, or for damage caused to a Client or a person participating in a Transaction carried out in economic or professional activities in connection with the cancellation of a Business Relationship and Transactions on the basis provided in Section 13.3.
13.4.2. Fulfillment of the notification obligation by the Representative acting in good faith, and reporting the appropriate information shall not be deemed a breach of the confidentiality obligation imposed by the law or the contract, and no liability stemming from the legislation or the contract shall be imposed upon the person who has performed the notification obligation.
14.1. The Provider of service is required to implement International Sanctions in force.
14.2. Representatives shall draw special attention to all its Clients (present and new), to the activities of the Clients and to the facts which refer to the possibility that the Client is a subject to International Sanctions. Control and verification of possibly imposed International Sanctions shall be conducted by the Representatives as part of DD measures applied to the Clients in accordance with these Rules.
14.3. The Representatives who have doubts or who know that a Client is subject to International Sanctions shall immediately notify the CO. In case of doubt, if the CO finds it appropriate, the Representative shall ask the Client to provide additional information that may help to identify whether he/she is subject to International Sanctions or not.
14.4. The CO shall be responsible for the implementation of International Sanctions.
14.4.1. The CO shall:
i. Regularly follow guidelines of the European Banking Authority (EBA) and of Europol, in addition to guidelines of relevant domestic FIU in the EU Member States.
ii. Immediately take measures provided for in the act on the imposition or implementation of International Sanctions;
iii. Upon entry into force of an act on the imposition or implementation of International Sanctions, the amendment, repeal, or expiry thereof, immediately check whether any of the Clients are subject to International Sanctions with regards to whom the financial sanction is imposed, amended or terminated;
iv. If an act on the imposition or implementation of International Sanctions is repealed, expires, or is amended in such a manner that the implementation of International Sanctions with regard to the subject of International Sanctions is terminated wholly or partially, terminate the implementation of the measure to the extent provided for in the act on the imposition or application of International Sanctions;
v. Keep an updated record of subjects of International Sanctions and submit this information to the Representatives in a form that allows using this information in the course of their activity;
vi. Provide training to the Representatives that allows them to establish independently the subjects of International Sanctions;
vii. Assist the Representatives if they have doubt or knowledge that a Client is a subject to International Sanctions;
viii. Supervise the application of the Rules regarding the implementation of International Sanctions by the Representatives;
ix. Review and keep updated the Rules regarding the implementation of International Sanctions;
x. Notify FIU of Clients who are subject to International Sanctions or in part of whom the CO, the Representatives have doubts;
xi. Keep a record of made checks, notifications submitted to FIU, and applied measures in part of detected subjects to International Sanctions.
14.4.2. When making checks on Clients to detect whether they are subject to International Sanctions, the following information shall be recorded and preserved for five years:
i. Time of inspection;
ii. Name of the person who carried out the inspection;
iii. Results of inspection;
iv. Measures taken.
14.4.3. If in the course of the check, it is detected that a Client or a person who used to be a Client is subject to International Sanctions, the CO shall notify the Representatives who dealt with this Client, the Management Board, and FIU. The notification shall be submitted at least in a way that allows its reproduction in writing.
14.4.4. The Client who is subject to International Sanctions and about whom the notification is made, shall not be informed of the notification.
14.4.5. Application of special measures and sanctions on the Client who is detected to be subject to International Sanctions should be authorized by FIU.
14.4.6. When making checks of Clients, the possible distorting factors in personal information (i.e., way of written reproduction of name etc.) must be kept in mind.
15.1. Axishift shall ensure that all Representatives who have contacts with Clients or matters involving Money Laundering are provided with regular training and information about the nature of the Money Laundering and Terrorist Financing risks, as well as any new trends within the field. The CO shall arrange regular training concerning the prevention of Money Laundering and Terrorist Financing to explain the respective requirements and obligations.
15.2. Initial training is provided at the start of the Representative’s service. The Representatives who are communicating with the Clients directly may not start working before they have reviewed and committed to the adherence of these Rules or participated in the Money Laundering and Terrorist Financing prevention training.
15.3. Training is provided regularly, at least once a year, to all Representatives and other relevant designated staff of Axishift. Training may be provided also using electronic means (conference calls, continuous email updates with confirmation on receipt and acceptance returned, and similar means).
15.4. Training materials and information shall be stored for at least three years.
16.1. Compliance with the Rules shall be inspected at least once a year by the CO, whose job duties are set out in Section 4.1.
16.2. The report on the results of the inspection concerning the compliance with the measures for prevention of Money Laundering and Terrorist Financing shall set out the following information:
i. Time of the inspection;
ii. Name and position of the person conducting the inspection;
iii. Purpose and description of the inspection;
iv. Analysis of the inspection results or conclusions drawn on the basis of the inspection.
16.3. If the inspection reveals any deficiencies in the Rules or their implementation, the report shall set out the measures to be applied to remedy the deficiencies, as well as the respective time schedule and the time of follow-up inspection.
16.4. If a follow-up inspection is carried out, the results of the follow-up inspection shall be added to the inspection report, which shall state the list of measures to remedy any deficiencies discovered in the course of the follow-up inspection, and the time actually spent on remedying the same.
16.5. The inspection report shall be presented to the MB, who shall decide on taking measures to remedy any deficiencies discovered.
17.1. Axishift does not provide its services to the following countries:
Afghanistan, Albania, Algeria, American Samoa, Angola, Armenia, Aruba, Azerbaijan, Bahamas, Balkans, Barbados, Belarus, Belize, Benin, Bermuda, Bolivia, Bosnia & Herzegovina, Botswana, Burkina Faso, Burma, Burundi, Cambodia, Cape Verde, Cayman Islands, Central African Republic, Colombia, Congo, Côte D’Ivoire (Ivory Coast), Cuba, Democratic Republic of Congo, Dominica, Egypt, Equatorial Guinea, Eritrea, Ethiopia, Fiji, French Guiana, Gambia, Gaza Strip, Ghana, Guam, Guinea Samoa, Guinea-Bissau, Guyana, Haiti, Honduras, Iran, Iraq, Jamaica, Kenya, Kosovo, Laos, Lebanon, Liberia, Libya, Mali, Marshall Islands, Mongolia, Montenegro, Morocco, Mozambique, Myanmar, Nicaragua, Niger, Nigeria, North Korea, Oman, Pakistan, Palau, Palestine, Panama, Puerto Rico, Russia, Saint Maarten, Saudi Arabia, Senegal, Serbia, Sierra Leone, Somalia, South Sudan, Sri Lanka, Sudan, Swaziland, Syria, Tajikistan, Timor-Leste, Togo, Trinidad and Tobago, Tunisia, Turkey, Uganda, Ukraine, US Virgin Islands, Vanuatu, Venezuela, West Bank, Yemen, Zimbabwe.