- Overview of Playbook
- AML Compliance
- Risk Level Classification
- Further guidance
- About this document
Annex: High-risk and other monitored jurisdictions
2. AML Compliance
2.1 What is Compliance? As an individual or organization, you may have to comply with many different regulations depending on your business model, customers, products, and operations jurisdiction as an individual or organization. The goal of those regulations and Compliance is to protect the integrity of the financial system and the customers and investors. It includes mainly Anti-Money Laundering (AML) and Counter Financing of Terrorism (CFT) regulations, sanctions regulations, consumer protection laws, data protection regulations, etc.
This document focuses on anti-money laundering and counter-terrorist financing regulations and sanctions regulations.
2.2 Why is AML Compliance important?
Compliance is important to:
- Analyze vulnerability to money laundering and related risks
- Establish minimum controls to mitigate risks
- Comply with laws and regulations
- Reduce operational and reputational risk
2.3 AML Compliance controls
AML Compliance controls include:
Controls to be set will depend on the jurisdiction where your business is located and on if it is fully decentralized or not. However, if your business is considered as a virtual asset service provider (VASP) or a financial intermediary, the following controls would apply:
- Registration and/or licensing with one or several regulators
- Application of a risk-based approach starting with a risk assessment
- Know Your Customer (KYC) on customers with different levels of controls depending on the risk; requirements here may vary from one jurisdiction to another. In some, it is only necessary to provide identity documents and selfies; in others, video identification is required, proof of address, and additional questions on the source of funds and purpose of the relationship.
- Sanctions screening