Terms of Services

Bitget’s AML/CFT Policies

2023-03-07 02:00711952

Make sure you read Bitget's Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) Policies carefully.

Bitget's AML/CFT Policies and Procedures

This document outlines Bitget's Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) policies and procedures. This document is intended for general informational purposes only and is not legally binding on Bitget and/or any other person (natural or otherwise).

A. Principles and Methods of Bitget AML/CFT Measures

Bitget is committed to supporting AML/CFT efforts. In principle, we are committed to:

● Conducting due diligence when dealing with our customers and natural persons appointed to act on behalf of our customers.

● Conducting business in accordance with high ethical standards and, to the greatest extent possible, preventing the establishment of any business relationship that is related to or could contribute to money laundering or terrorism financing.

● Assisting and cooperating with the relevant legal authorities, to the fullest extent possible, in order to prevent the threat of money laundering and terrorism financing.

B. Bitget's Risk Assessment and Risk Mitigation Methodology

Risk Assessment

We anticipate that the majority of our customers will be retail customers. As of the date of this policy, we are operating primarily in the Republic of Seychelles.

In this regard, we shall:

a. Record and/or collect documentation on the following:

1) The identity of our customers.

2) The country or jurisdiction from or in which our customers are located.

b. Ensure, to the best of our knowledge, skills, and abilities, that our customers, connected persons of our customers, natural persons appointed to act on behalf of our customers, and beneficial owners of our customers are assessed and screened with the assistance of lists of designated individuals and entities for (but not limited to):

● Democratic People's Republic of Korea

● Democratic Republic of the Congo

● Iran

● Libya

● Somalia

● South Sudan

● Sudan

● Yemen

● UN Al Qaida (1267/1989) sanctions list

● UN Taliban (1988) sanctions list

● Persons identified in Schedule 1 of the Terrorism (Suppression of Financing) Act, Chapter 325.

Risk Mitigation

When identified, we shall not deal with anyone on the list of designated individuals and entities.

C. New Products, Practices, and Technical Methodology

We shall provide appropriate notice on the identification and assessment of money laundering and terrorist financing risks that may arise in the following areas:

● Development of new products and business practices, including new delivery mechanisms.

● Use of new or developing technologies for new and existing products

We shall pay particular attention to any new products and new business practices that facilitate anonymity, including new delivery mechanisms and new or developing technologies, such as digital passes that facilitate anonymity (whether securities, payments, and/or utility tokens).

D. Approach to Customer Due Diligence (CDD)

We do not open, maintain, or accept anonymous or pseudonymous accounts.

We shall not enter into a business relationship with or executive trades for customers when we have reasonable grounds to suspect that their assets or funds are the proceeds of drug dealing or other criminal behavior. We shall file an STR for such transactions and provide a copy to the relevant FIU.

We shall perform customer due diligence in the following situations:

● When we enter into a business relationship with any customer.

● When we execute transactions for any customer with whom we do not have an established business relationship.

● When we receive cryptocurrency transfers for customers with whom we do not have a business relationship.

● When we suspect money laundering or terrorism financing.

● When we doubt the truth or adequacy of any information.

When we suspect that two or more transactions are or may be related or connected or that an otherwise single transaction has been intentionally reorganized into smaller transactions in order to evade Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) measures, we shall treat the transaction as a single transaction and aggregate its value in order to comply with the AML/CFT principles.

Customer Verification

We shall verify the identity of all of our customers.

In order to verify our customers, we need to know at least:

● Their full names, including any aliases.

● Their unique identification number (e.g., identity card number, birth certificate number, or passport number or, where the customer is not a natural person, their business registration number); or

● Their registered address, or their registered business address (if applicable), or their principal place of business if the registered and business addresses are different; and

● Their date of birth, establishment, or registration; and

● Their nationality or place of registration.

If the customer is a legal person, we shall, in addition to obtaining the relevant information outlined above, identify their legal entity type, their statutes, and the powers that regulate and bind them as a legal person. We shall also identify their related parties (e.g., directors, partners, and/or persons with executive powers) by obtaining, at a minimum, the following information for each:

● Their full names, including any aliases.

● Their unique identification number, such as an identity card number, birth certificate number, or passport number.

Customer Identity Verification

We shall use reliable and independent data, documents, or information to verify the identity of our customers. If our customer is a legal person or legal arrangement, we shall use reliable and independent data, documents, or information to verify their legal entity type, proof of existence, statutes, and the powers that regulate and bind them.

Customer Representative Identity Verification

a. Customer Representatives

If a customer appoints one or more natural persons to represent them in their business relationship with us, or if the customer is not a natural person, we shall:

● Identify each natural person acting on behalf of the customer or appointed to act on behalf of the customer by obtaining the following information:

● Their full names.

● Their unique identification number.

● Their residential address.

● Their date of birth.

● Their nationality.

● Data and documents from reliable and independent sources that can be used to verify the identity of such natural persons.

We shall also verify the proper authority of each natural person designated to act on behalf of our customer by obtaining the following information:

● Appropriate written evidence authorizing the appointment of such natural persons as our customer's representatives.

● The specimen signature of each natural person.

If the customer claims to be a government entity, we shall obtain only such information as may be necessary to confirm the customer's claimed identity.

Identification and Verification of Beneficial Owners

We shall inquire the existence of any beneficial owners associated with the customer.

If the customer has one or more beneficial owners, we shall identify the beneficial owner(s) and take reasonable steps to verify the identity of the beneficial owner(s) using relevant information or data obtained from reliable and independent sources.

If the customer is a legal person, we shall:

● Identify the natural persons (whether acting independently or in concert) with ultimate ownership over the legal person.

● If there is doubt as to whether the natural persons with ultimate ownership over the legal person are the beneficial owners, or if no natural persons have ultimate ownership over the legal person, determine the natural persons with ultimate beneficial ownership over the legal person; and

● If no such natural person is identified, identify a natural person with enforcement rights over the legal person.

If the customer is a legal arrangement, we shall:

● In the case of a trust, identify the settlor, trustee, protector (if applicable), beneficiaries, any natural person exercising ultimate ownership, ultimate control, or ultimate effective control over the trust; and

● For other types of legal arrangements, identify those in equivalent positions.

If the customer is not a natural person, we shall determine the nature, ownership, and control structure of the customer's business.

We are required to verify the identity of the beneficial owners of the following customers:

● Entities listed on stock exchanges.

● Entities listed on stock exchanges subject to regulatory disclosure requirements and full transparency requirements in relation to their beneficial owners.

● Financial institutions.

● Financial institutions supervised for compliance with the AML/CFT requirements outlined by the FATF; or

● Investment vehicles where the manager is a financial institution or is subject to the AML/CFT requirements outlined by the FATF.

The above shall apply unless we doubt the veracity of the CDD information or suspect that our customers have engaged in business relationships or transactions related to money laundering or terrorism financing.

We shall also document the basis for our determination.

Information on the Purpose and Intended Nature of Business Relations and Transactions Executed Without the Opening of an Account*

When processing applications to enter into a business relationship or executive an undisclosed transaction, we are required to be aware of and, where appropriate, obtain information from the customer about the purpose and intended nature of the business relationship or transaction.

Review of Transactions Executed Without the Opening of an Account*

If we execute one or more transactions for a customer without opening an account (the "current transaction"), we shall review the previous transactions carried out by that customer to ensure that the current transaction is consistent with our knowledge of the customer, their business and risk profile, and the source of their funds.

When we enter into a business relationship with a customer, the payment service provider shall review all transactions prior to entering into the business relationship to ensure that the business relationship is consistent with our knowledge of the customer, their business and risk profile, and the source of their funds.

Particular attention shall be paid to all complex, unusually large, or unusual patterns for transactions executed without opening an account and that have no apparent economic purpose. We shall investigate, to the greatest extent possible, the background and purpose of the aforementioned transactions and record our findings in order to provide such information to the relevant authorities as and when required.

To scrutinize transactions executed without opening an account, we shall establish and implement appropriate systems and processes commensurate with the size and complexity of the payment service provider to:

● Monitor transactions executed without opening an account.

● Detect and report suspicious, complex, unusually large, or unusual patterns for transactions executed without opening an account.

Where there are reasonable grounds to suspect that a transaction executed without opening an account is related to money laundering or terrorism financing, and if we consider it appropriate to execute the transaction, the payment service provider shall substantiate and document the reasons for executing the transaction.

Continuous Monitoring

We shall monitor business relations with our customers on an ongoing basis. We shall monitor the operation of customers' accounts and review their transactions throughout the course of our business relationship to ensure that they are consistent with our knowledge of the customer, their business and risk profile, and the source of their funds.

We shall implement our risk prevention measures if the transaction involves the transfer or receipt of crypto to/from the following entities:

● Financial institutions.

● Financial institutions supervised for compliance with the AML/CFT requirements outlined by the FATF.

During the course of our business relationship, we shall pay particular attention to all complex, unusually large, or unusual patterns for transactions executed with no apparent economic purpose. We shall investigate, to the greatest extent possible, the background and purpose of the aforementioned transactions and record our findings in order to provide such information to the relevant authorities as and when required.

For the purpose of ongoing monitoring, we shall establish and implement appropriate systems and processes commensurate with the size and complexity of the payment service provider to:

● Monitor business relations with our customers.

● Detect and report suspicious, complex, unusually large, or unusual patterns for transactions executed throughout the course of the business relationship.

We shall ensure that the CDD data, documents, and information obtained with respect to our customers, natural persons appointed to act on behalf of our customers, and the related parties and beneficial owners of our customers are relevant and up-to-date by reviewing existing CDD data, documents, and information, particularly with respect to high-risk customers.

If there are any reasonable grounds to suspect that an existing business relationship with a customer is linked to money laundering or terrorism financing and we believe it is appropriate to retain the customer:

● We shall substantiate and document the reasons for retaining the customer.

● We shall subject the customer's business relationship with us to appropriate risk mitigation measures, including enhanced ongoing monitoring.

When we assess that the risk of a customer or our business relationship with that customer is high, payment service providers are expected to take enhanced CDD measures, including obtaining approval from our senior management to retain the customer.

CDD Measures for Non-Face-To-Face Business Relationships or Non-Face-To-Face Transactions*

We shall have policies and procedures in place to address any specific risks associated with non-face-to-face business relationships with customers or non-face-to-face transactions (non-face-to-face business contacts) that are conducted without opening an account for the customer.

We shall implement the policies and procedures when establishing business relations with customers and when conducting ongoing due diligence.

In the absence of face-to-face contact, payment service providers shall implement CDD measures that are at least as stringent as those required for face-to-face contact.

Where a payment service provider makes its first non-face-to-face business contact, the payment service provider shall, at its own expense, engage an external auditor or independent qualified consultant to assess the effectiveness of its policies and procedures, including the effectiveness of any technical solutions used to manage impersonation risks.

We shall appoint an external auditor or an independent qualified consultant to carry out an assessment of the new policies and procedures; and shall submit the report of the assessment to the Authority no later than one year after the implementation of the change.

Reliance on Measures Already Performed During the Acquisition of a Payment Service Provider

Where we (the "acquiring payment service provider") acquire, either in whole or in part, the business of another payment service provider, we shall perform the measures for the customers acquired with the business at the time of acquisition except where the acquiring payment service provider has:

● Obtained all appropriate customer records (including CDD information) at the same time and had no doubts or concerns about the accuracy or adequacy of the information obtained.

● Conducted due diligence resulting in no questions about the adequacy of the AML/CFT measures undertaken by the acquiring payment service provider with respect to the business or portion of the business that the acquiring payment service provider is now acquiring and have properly documented such measures.

Measures for Non-Account Holders*

If we execute any transaction for any customer who does not otherwise have business relations with us, we shall:

● Perform CDD measures as if the customer had just applied to the payment service provider to establish business relations.

● Record adequate details of the relevant transaction so as to permit the reconstruction of the transaction, including the nature and date of the transaction, the type and amount of currency involved, the value date, and the details of the payee or beneficiary.

Verification Timing

We shall verify the identity of the customer, the natural persons appointed to act on the customer's behalf, and the customer's beneficial owners before one of the following:

● The payment service provider establishes a business relationship with the customer.

● The payment service provider executes any transaction for the customer where it has not otherwise established business relations with the customer.

● The payment service provider facilitates or receives digital assets by value transfer for the customer where it has not otherwise established business relations with the customer.

We may enter into a business relationship with a customer before we verify the identity of the customer, the natural persons appointed to act on the customer's behalf, and the customer's beneficial owners if the below circumstances apply:

● The deferral of verification is essential in order not to interrupt the normal conduct of business operations.

● The risks of money laundering and terrorism financing can be effectively managed by the payment service.

Where we establish business relations with a customer before verifying the identity of the customer, natural persons appointed to act on behalf of the customer, and beneficial owners of the customer, we shall undertake the following:

● Develop and implement internal risk management policies and procedures concerning the conditions under which such business relations may be established prior to verification.

● Complete such verification as soon as is reasonably possible.

Where Measures Are Not Completed

Where we are unable to complete the measures as required, we shall not commence or continue business relations with any customer or execute any transaction for any customer.

Where we are unable to complete the measures, the payment service provider shall consider whether the circumstances are suspicious so as to warrant the filing of an STR.

Completion of the measures refers to a situation where the payment service provider has obtained, screened, and verified (including by delayed verification as outlined under paragraphs 6.43 and 6.44) all necessary CDD information under paragraphs 6, 7, and 8 and where the payment service provider has received satisfactory responses to all inquiries in relation to such necessary CDD information.

Joint Accounts

For joint accounts, we shall perform CDD measures on all of the joint account holders as if each of them were individual customers of the payment service provider.

Screening

We shall screen customers, natural persons appointed to act on behalf of customers, related parties of customers, and beneficial owners of customers against relevant money laundering and terrorism financing information sources, as well as lists and information provided by the Authority for the purpose of determining if there are any money laundering or terrorism financing risks in relation to the customer.

We shall screen for the following situations and persons:

● When (or as soon as reasonably practicable after) we establish a business relationship with a customer.

● Before we execute any transaction for any customer who has not otherwise established business relations with the payment service provider.

● Before we facilitate or receive digital assets by value transfer for a customer who has not otherwise established business relations with us.

● Periodically, after we establish business relations with our customers; and

● When there are any changes or updates to:

● Lists and information provided by the Authority to the payment service provider; or

● Natural persons appointed to act on behalf of a customer, their related parties, or beneficial owners.

We shall screen all value transfer originators and value transfer beneficiaries against lists and information provided by the Authority for the purposes of determining if there are any money laundering or terrorism financing risks.

We shall document the results of all screenings.

E. Our Approach to Enhanced Customer Due Diligence

Politically Exposed Persons

We shall use all reasonable means to determine if a customer, any natural person appointed to act on behalf of a customer, any related party of a customer, or any beneficial owner of a customer is a politically exposed person (PEP) or a family member or close associate of a PEP.

Where a customer or any beneficial owner of a customer is determined by us to be a PEP, or a family member or close associate of a PEP, we shall perform at least the following enhanced due diligence measures in addition to our regular CDD measures:

● Obtain approval from senior management to establish and continue business relations with the customer.

● By reasonable means, establish the source of wealth and source of funds of the customer and any of their beneficial owners.

● During the course of business relations with the customer, conduct enhanced monitoring of our business relations with them. We shall increase the degree and nature of monitoring for any transactions that appear unusual.

Higher Risk Categories

We recognize that circumstances, where a customer presents or may present a higher risk for money laundering or terrorism financing, include but are not limited to the following:

● Where a customer or any beneficial owner of the customer is from or in a country or jurisdiction for which the FATF has called for countermeasures, the payment service provider shall treat any business relations with or transactions for any such customer as presenting a higher risk for money laundering or terrorism financing.

● Where a customer or any beneficial owner of the customer is from or in a country or jurisdiction known to have inadequate AML/CFT measures as determined by the payment service provider itself or notified to the payment service provider by the Authority or other foreign regulatory authorities, the payment service provider shall assess whether any such customer presents a higher risk for money laundering or terrorism.

We shall perform enhanced CDD measures for customers who present a higher risk for money laundering or terrorism financing or any customer that the Authority notifies us of presenting a higher risk for money laundering and terrorism financing.od

F. Approach to Bearer Negotiable Instruments and Restriction of Cash Payouts

We shall not make any payment for any sum of money in the form of a bearer negotiable instrument.

We shall not pay any cash in any amount in the course of carrying on our business.

G. Approach to Value Transfer (to be implemented when required)*

If we are the ordering institution, before executing a value transfer, we shall:

● Identify the originator and take reasonable measures to verify their identity (if we have not already done so).

● Record adequate details of the value transfer, including but not limited to the date of the value transfer, the type and value of the digital asset transferred, and the value date.

If we are the ordering institution, we shall include in the memo or payment instructions that accompanies or relates to the value transfer:

● The name of the originator.

● The account number of the originator (or the unique transaction reference number if applicable).

● The name of the beneficiary.

● The account number of the beneficiary (or the unique transaction reference number if applicable).

Value Transfers Exceeding a Particular Threshold

For value transfer exceeding a particular threshold where we are an ordering institution, we shall identify the originator and verify their identity, including the memo or payment instructions that accompany or relate to the value transfer and any of the following:

● The originator's residential address; or

● The originator's registered or business address (along with their principal place of business if such addresses differ).

● The originator's unique identification number; or

● The originator's date and place of birth, along with the incorporation or registration of the value transfer.

We shall immediately and securely submit to the beneficiary institution all value transfer originator and value transfer beneficiary information and shall document all such information. Where we, in the capacity as an ordering institution, are not able to comply with the requirements, we shall not execute the value transfer.

If we are the beneficiary institution, we shall take reasonable measures to identify value transfers that lack the required value transfer originator or value transfer beneficiary institution.

For value transfers where we, as the beneficiary institution, pay out transferred digital assets in cash or cash equivalents to a value transfer beneficiary, we shall identify and verify the identity of the value transfer beneficiary (if their identity has not been previously verified).

We shall always conduct a review prior to executing a value transfer lacking the required value transfer originator or value transfer beneficiary information and document our follow-up measures. *

If we are the intermediary institution, we shall retain all information pertaining to a value transfer.

Where we, as an intermediary institution, execute a value transfer to another intermediary institution or beneficiary institution, we shall immediately and securely provide the information accompanying the value transfer to that other intermediary institution or beneficiary institution.

If we are a receiving intermediary institution, we shall keep a record of all information received from an ordering institution or another intermediary institution for at least five years.

We shall take reasonable measures to identify value transfers that lack the required value transfer originator or value transfer beneficiary information during straight-through processing.

H. Record Keeping

We shall retain proper records as required for a time period of at least 5 years.

I. Personal Data*

We shall safeguard the personal data of our customers in the manner prescribed.

J. Suspicious Transactions Reports (STRs)

We shall notify the relevant authorities and file STRs as required by law. We shall also maintain all records and transactions relating to all such transactions and STRs.

K. Our Compliance, Audit, and Training Policies

Amongst other measures, we shall appoint an AML/CFT compliance officer at the management level, maintain independent audit capabilities, and take proactive measures to regularly train our employees on AML/CFT matters.

Enterprise-Wide Money Laundering/Terrorism Financing Risk Assessment

We shall conduct an enterprise-wide money laundering/terrorism financing risk assessment in three phases:

Phase 1: Assessment of Inherent Risk

We shall assess the inherent risk in relation to our:

● Customers or entities: We shall assess the customers and/or entities with whom we deal.

● Products or services: We shall be mindful of who we provide cryptocurrency OTC services to.

Regional scale: We shall not deal with customers on lists of designated individuals and entities.

Stage 2: Assessment of Mitigating Controls

We shall assess our mitigating controls in relation to the aforementioned. We shall monitor and exercise enhanced due diligence for any and/or all customers(s) whom we deem to be suspicious.

Phase 3: Assessment of Residual Risk

We shall assess our residual risks after assessing our mitigating controls.