Enjoy 10% OFF
Buy your favorite Mediterranean food or our most selected regional treasures that you always wanted to taste. It’s valid for all our products, for your first purchase only.
Last update: March 2022
This document applies to AI MALL LTD, its subsidiaries or holding companies from time to time and any subsidiary of any holding Company from time to time (hereinafter the “AI Mall”, “AIM” or “We”), in relation to the adopted KYC guidelines.
The KYC guideline sets the requirements for determining and verifying the identity of any person who establishes a relationship with AIM. These requirements enable AIM to form a reasonable belief that it knows the true identity of each of its users
The KYC guidelines in this document are aimed at preventing AIM from being used, intentionally or unintentionally, by criminal elements for money laundering activities or terrorist financing activities. KYC procedures shall also enable AIM to know and understand its Users and its financial dealings better which in turn will help it to manage its risks prudently. Thus, the KYC policy has been framed by AIM for the following purposes:
The target audience for this guideline is all AIM employees responsible for establishing user and user relationships, opening and maintaining accounts and processing transactions.
AIM is prohibited from transacting business with individuals, companies and countries that are on prescribed sanctions lists.
AIM will therefore screen against United Nations, European Union, UK Treasury and US Office of Foreign Assets Control (OFAC) sanctions lists in all jurisdictions in which AIM operates. Respective AIM’s AML policies, procedures and internal controls are designed to ensure compliance with all applicable regulations and rules, including, but not limited to FATF, OFAC, EU PSD2 and MLD5 Directives, other internationally accepted regulations, local and national regulations (Regulations), and will be reviewed and updated on a regular basis to ensure appropriate policies, procedures and internal controls are in place to account for both changes in regulations and changes in our business.
AIM operates so that it is compliant with ‘anti-money laundering’ (“AML”) and ‘know your user’ (“KYC”) rules and regulations in the jurisdictions it operates in or provides products or services to and has developed this KYC and AML Policy to protect itself from involvement in money laundering or suspicious activity as follows:
AIMis adopting the following KYC policies in compliance with applicable Regulations:
Enhanced User review may be carried out periodically at AIM discretion as part of AIM ongoing risk assessment. In addition to this, any attempt to abuse AIM or its platform will result in immediate account suspension and reporting violations to respective authorities.
AIM insists on a comprehensive and thorough KYC and AML compliance framework. This includes monitoring of suspicious transactions and obligatory reporting to local regulators and other compliance bodies, and submitting documents and information to regulators as required and without prior notification to registered users.
AIM reserves the right to refuse registration to persons from jurisdictions that do not meet international AML standards. AIM may at any time without liability and without disclosing any reason, suspend the operation of the respective user.
AIM ’s User acceptance program (UAP) lays down the criteria for acceptance of Users. The guidelines in respect of user/user relationship in the AIM broadly includes verification in accordance with Annex I hereto.
Unless prohibited by local law, in order to verify the identity of new users, prior to account opening a new user notice should be provided (Refer to Annex 1). This notice must inform new users that to help prevent money laundering and terrorist financing. This notice should also inform new users of the specific information to be collected and any documentation required for verification of user identity.
AIM’s User Identification Program (UIP) sets forth the requirements for determining and verifying the identity of any person seeking to establish a relationship with AIM.
The user identification is a critical step. Verification of identity does not replace the requirement to conduct appropriate due diligence for users prior to establishing a user relationship and opening an account.
These requirements, which are consistent with international standards and satisfy AIM’s obligations under regulatory requirements, enable AIM to form a reasonable belief that it knows the true identity of each of its users.
Specific identification information must be obtained and some or all of this information must be verified by documentary and non-documentary methods in accordance with Annex I hereto.
Scope
AIM UIP requirements must be followed by all AIM businesses and legal entities. These requirements apply globally to achieve consistency and uniformity in the verification of identification of all AIM users.
Owner
The UIP is owned by the CEO or the Head of AML Compliance who is responsible for its day-to-day oversight and administration.
Effective date
The UIP becomes effective to all AIM users.
Testing and quality assurance (QA) control assessment
Periodic testing of the requirement of the UIP and the other relevant implementing procedure are conducted by the Compliance Team.
The business is also responsible for developing a QA process to analyse and identify any control weaknesses with regards to the requirements of the UIP and opportunities for process and performance improvement.
User Identification Program
User Identification means identifying the User and verifying his/her identity by using reliable, independent source documents, data or information. AIM shall obtain sufficient information necessary to verify the identity of each new User along with brief details of its promoters and management, wherever applicable, whether regular or occasional and the purpose of the intended nature of business relationship. The requirement as mentioned herein may be moderated according to the risk perception.
Besides risk perception, the nature of information/documents required would also depend on the type of User (individual, corporate etc).
For Users that are natural individuals, AIM shall obtain sufficient identification data to verify the identity of the User, his address/location, and also his recent photograph.
For users that are legal individuals or entities, the AIM shall:
An indicative list of the nature and type of documents/information that may be relied upon for user identification is given in Annex II. AIM will frame internal guidelines based on its experience of dealing with such individuals/entities, normal prudence and the legal requirements.
The User Identification Program (UIP) must include reasonable and practical risk-based procedures for verifying the User identity. Where required by local law, a country or region may implement procedures that apply to a business or businesses within that specific region or country in accordance with Annex I hereto.
The UIP procedure can be incorporated into other business-specific AML policies, programs and procedures in accordance for the effective implementation and requirements.
Gathering and verifying required user identification information
The first step in the UIP process is to gather the required user identification information in accordance with Annex I hereto. This information must be obtained prior to opening an account or otherwise establishing a relationship and before any transactions are permitted.
In accordance with the KYC principles, no transactions are permitted until the identification number has been received.
User identification information that has been obtained from the prospective user has to be verified. A periodic review and client refresh have to be conducted. Depending on a user’s risk profile, activity in an account may be permitted before verification of identification has been completed. In this case approval is required by the AML Committee. If the identity of a user cannot be verified within 30 days of account opening, the account must be closed and the relationship terminated.
Furthermore, a business may rely on a third party to perform some or all of the AIM UIP requirements. In this case, verification has to be conducted whether a third party may be relied upon to perform some or all UIP on AIM’s behalf. In case of uncertainty matter must be referred to the AML Committee.
Comparison with government list of known or suspected terrorists
An integration of activities for screening against any government issued list of known or suspected terrorists should be considered. This procedure may be integrated with those established to screen user names against government sanctions list.
Record Retention Requirements
All identification information collected must be retained in accordance with the AIM Records Management Policy for a period of five years after the user’s last account is closed unless otherwise required by local law. Procedures for retaining such records must be documented.
Roles and responsibilities
Responsibilities of the business include:
Senior management is responsible for providing oversight of the UIP, in particular with regard to:
AIM will monitor transactions of Users in accordance with applicable laws and regulations.
The Management of AIM shall ensure that an effective KYC program is put in place by establishing appropriate procedures and ensuring their effective implementation. It will cover proper management oversight, systems and controls, segregation of duties, training and other related matters. Responsibility will be explicitly allocated within the AIM for ensuring that the policies and procedures as applicable to the Company are implemented effectively. AIM shall devise procedures for creating Risk Profiles of their existing and new Users and apply various Anti Money Laundering measures keeping in view the risks involved in a transaction, account or business relationship.
AIM will apply Employee Training Programs on a regular basis and as required by applicable international and national law and regulations, respectively.
All identification information collected at account opening and user on-boarding must be retained in accordance with AIM policy for a period of five years after the user’s last account is closed, or for credit card accounts, for a period of five years after the account is closed, unless otherwise required by local law. ANNEXES
ANNEX 1- MODULE NOTICE
For natural and legal individuals
IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING A NEW ACCOUNT AT AIM portal
To prevent money laundering and terrorist financing, the laws of many jurisdictions and AIM procedures, require AIM to obtain, verify and record information that identifies each person who opens an account in the AIM portal.
What this means for you:
We will ask your name, address, date of birth and other information that will allow us to identify you. We may also ask to see a photo ID or other identifying documents to proceed with AML regulations.
If the identification information cannot be verified, AIM is not allowed to maintain user relationships which must be terminated as soon as possible in accordance with law and regulations. If, during the course of verifying AIM user’s identification information a suspicion is aroused, the issue can be escalated to our relevant AML Investigative Unit and a suspicious activity report must be filed in accordance with the AIM business’s policy.
We appreciate your understanding and cooperation to support high level of AIM reputational standards.
ANNEX 2 – SELLER IDENTIFICATION REQUIREMENTS (INDICATIVE GUIDELINES)
Identification of individuals who are users or beneficial owners or authorised signatories
AIM should collect the following information for identification purposes from the user or any other available source, subject to GDPR consent, if the user is the resident of EU country:
Table 1: Identification information of natural individual
At a minimum | Potential additional information (on the basis of risks) |
Name (i.e. first and last name) | Any other names used (such as marital name, former legal name or alias) |
Complete residential address | Business address, post office box number, e-mail address and landline or mobile telephone numbers |
Nationality, an official personal identification number or other unique identifier | Residency status |
Date and place of birth | Gender |
When the account opening is the start of a user relationship, further information should be collected with a view to developing an initial user risk profile:
Table 2: Identification Information related to the user’s risk profile
Key attributes | Potential additional information (on the basis of risks) |
Occupation, public position held | Name of employer, where applicable; |
Income | Sources of user’s wealth |
Expected use of the account: amount, number, type, purpose and frequency of the transactions expected | |
Financial products or services requested by the user. | Destination of funds passing through the account. |
Verification of identity of natural individual
The measures to verify the information produced should be proportionate to the risk posed by the user relationship and should enable AIM to satisfy itself that it knows who the user is.
Further verification of information on the basis of risks
Users with high-risk profiles, such as PEPs, will be rejected by AIM as a rule.
However, if decided by authorized management particular attention needs to be focused on those users assessed as having higher-risk profiles.
Additional sources of information and enhanced verification procedures may include:
The procedures above should also be applied to legal business and arrangements. AIM should identify and verify the identity of the user and understand the nature of its business, and its ownership and control structure, with a view to establishing a user risk profile.
Legal individual includes any entity (e.g. business or non-profit organisation, distinct from its officers and shareholders) that is not a natural person or a legal arrangement.
In considering the user identification guidance for the different types of legal persons, particular attention should be given to the different levels and nature of risk associated with these entities.
Verification of identity of legal individual
For legal individual, the following information should be obtained for identification purposes:
Table 1: Identification information of legal individual
At a minimum | Potential additional information (on the basis of risks) |
Name, legal form, status and proof of incorporation of the legal person | |
Permanent address of the principal place of the legal person’s activities | |
Official identification number (company registration number, tax identification number, VAT VIES number, if applicable) | Legal entity identifier (LEI) if eligible |
Mailing and registered address of legal person | Contact telephone and fax numbers |
Identity of natural persons who are authorised to operate the account. In the absence of an authorised person, the identity of the relevant person who is the senior managing official | Identity of relevant persons holding senior management positions |
Identity of the beneficial owners | |
Powers that regulate and bind the legal person (such as the articles of incorporation for a corporation) |
“Beneficial owner” is the natural person(s) who ultimately owns or controls a user and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.
When the account opening is the start of a user relationship, further information should be collected with a view to developing an initial user risk profile.
Table 2: Identification Information related to the user’s risk profile
At a minimum | Potential additional information (on the basis of risks) |
Nature and purpose of the activities of the legal entity and its legitimacy; | Financial situation of the entity; |
Expected use of the account: amount, number, type, purpose and frequency of the transactions expected. | Sources of funds paid into the account and destination of funds passing through the account. |
Verification of identity of legal individual
The measures to verify the information produced should be proportionate to the risk posed by the user relationship and should enable AIM to satisfy itself that it knows who the user is.
Verification of identity of authorised signatories and of beneficial owners of the users shall be conducted in accordance with the procedure for natural persons above.
Further verification of information on the basis of risks
As part of its broader user due diligence measures, AIM should consider, on a risk-sensitive basis, whether the information regarding financial situation and source of funds and/or destination of funds should be corroborated.