1.1 “Applicable Law” means all laws in force for the time being within the territory of the Australia, including (but not restricted to) the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (“AML/CTF Act”), the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) and other regulatuions made under the aforementioned Act from time to time.
1.2 “Designated Director” means a managing director or whole-time director of ZebPay who has been appointed and authorised to administer ZebPay’s anti-money laundering measures;
1.3 ‘AUSTRAC’ refers to the government agency responsible for the implementation of the AML/ CTF regime in Australia, for monitoring compliance with the relevant legislative provisions, and for the collection, collation, processing, analysis and dissemination of information with a view to combating ML and Funding of Terrorism.
1.4 Money-Laundering (“ML”) refers to:
(i) the conversion or transfer of property knowing or suspecting that such property is derived directly or indirectly from, or the proceeds of criminal activity or from an act or acts of participation in criminal activity, for or purposes of concealing or disguising the origin of the property or of assisting any person or persons involved or concerned in criminal activity;
(ii) the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, in or over, or ownership of property, knowing or suspecting that such property is derived directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
(iii) the acquisition, possession or use of property knowing or suspecting that the same was derived or originated directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
(iv) retention without reasonable excuse of property knowing or suspecting that the same was derived or originated directly or indirectly from criminal activity or from an act or acts of participation in criminal activity;
(v) attempting any of the matters or activities defined in the above foregoing sub-paragraphs (i), (ii), (iii) and includes acting as an accomplice in respect of any of the matters or activities defined in the above foregoing sub-paragraphs.
This definition is rather exhaustive list of acts that would be considered as ML under Australian law.
1.5 “PEP” refers to individuals who are or have been entrusted with prominent public functions, their immediate family members or persons known to be close associates of such persons but shall not include middle ranking or more junior officials. As per the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1), "PEP" means an individual:
(a) who holds a prominent public position or function in a government body or an international organisation, including:
(i) Head of State or head of a country or government; or
(ii) government minister or equivalent senior politician; or
(iii) senior government official; or
(iv) Judge of the High Court of Australia, the Federal Court of Australia or a Supreme Court of a State or Territory, or a Judge of a court of equivalent seniority in a foreign country or international organisation; or
(v) governor of a central bank or any other position that has comparable influence to the Governor of the Reserve Bank of Australia; or
(vi) senior foreign representative, ambassador, or high commissioner; or
(vii) high-ranking member of the armed forces; or
(viii) board chair, chief executive, or chief financial officer of, or any other position that has comparable influence in, any State enterprise or international organisation; and
(b) who is an immediate family member of a person referred to in paragraph 1.5 (a), including:
(i) a spouse; or
(ii) a de facto partner; or
(iii) a child and a child's spouse or de facto partner; or
(iv) a parent; and
(c) who is a close associate of a person referred to in paragraph 1.5 (a), which means any individual who is known (having regard to information that is public or readily available) to have:
(i) joint beneficial ownership of a legal entity or legal arrangement with a person referred to in paragraph 1.5 (a); or
(ii) sole beneficial ownership of a legal entity or legal arrangement that is known to exist for the benefit of a person described in paragraph 1.5 (a).
1.6 “Principal Officer” means the officer appointed by ZebPay to administer ZebPay’s anti-money laundering measures;
1.7 “Senior Management” means such directors, officers or other personnel of ZebPay as are specifically designated to monitor and ensure know-your-customer compliance and the operation of ZebPay’s internal audit systems;
1.8 “Suspicious Transaction” means a transaction, whether or not made in cash which, to a person acting in good faith:
1) give rise to a reasonable ground of suspicion that it may involve proceeds of an offense regardless of the value involved; or
2) appears to be made in circumstances of unusual or unjustified complexity; or
3) appears to have no economic rationale or bona fide purpose; or
4) gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to terrorism;
Explanation —Transaction involving financing of the activities relating to terrorism includes transaction involving funds suspected to be linked or related to, or to be used for terrorism, terrorist acts or by a terrorist, terrorist organization or those who finance or are attempting to finance terrorism.
2.1 A local Money Laundering Reporting Officer ("MLRO") has been appointed who directly reports to the local management and for whom the local management is directly responsible.
The local MLRO is committed to undertake the following tasks:
Receive internal reports of suspicious transactions;
Endeavour to ensure the Company has a fully integrated Chain Analysis tool for all Crypto-wallets and to monitor all incoming and outgoing transactions.
Review the Know-Your- Client ("KYC") process from the AUSTRAC website on . //www.austrac.gov.au/part-b-amlctf-program-customer-due-diligence-procedures . In completing this report the MLRO should provide as much detail as possible together with the relevant identification and other supporting documentation. To ensure the highest level of confidentiality, Suspicious Matter Report(s) ("SMRs") will be submitted using the AUSTRAC’s online portal providing the necessary information as required under Chapter 18 of the AML/CTF Rules.
It should be noted that SMR will only be filed with AUSTRAC and will not be copied to any supervisory authority i.e. no tipping off;
Make external reporting to the relevant local authorities wherever applicable;
Provide annual reporting to the local management (the report should cover the results of any AML control activities, notification of suspicious transactions, employee training, implemented AML prevention activities);
Examine all unusual and conspicuous transactions and behaviour either as an outcome from monitoring systems or otherwise detected;
Daily check of Users against recognized “black lists” (e.g. OFAC, UN, EU, DFAT), aggregating transfers by multiple data points, placing Users on watch and service denial lists, opening cases for investigation where needed, sending internal communications and filling out statutory reports, if applicable
Develop procedures and policies to detect and prevent money laundering;
Periodically review the effectiveness of policies and procedures with regards to prevention and reporting of any illegal activity;
Establish staff training;
Advise and inform all employees
2.2 The MLRO shall be responsible for overseeing all aspects of the service provider's AML/ CFT activities. The Company shall ensure that the MLRO has sufficient resources available to him or her in order to ensure compliance with the Company's AML/ CFT policy.
The MLRO shall be responsible for:
(a) receiving reports of knowledge or suspicion of ML/ Funding of Terrorism;
(b) considering such reports to determine whether knowledge or suspicion of ML/Funding of Terrorism subsists;
(c) reporting knowledge or suspicion of ML/ Funding of Terrorism to AUSTRAC; and
(d) responding promptly to any request for information made by AUSTRAC.
2.3 Once the MLRO is appointed, the Company shall notify AUSTRAC in the form as is available on AUSTRAC website.
2.4 Should the MLRO resign and a new individual is appointed instead, AUSTRAC shall be notified as soon as possible.
ZebPay shall maintain a record of, and has evolved an internal mechanism to detect, the following:
3.1 Details pertaining to User transactions, including but not limited to:
- the nature of the transactions;
- the amount of the transaction and the currency in which it was denominated;
- the date on which the transaction was conducted; and
- the parties to the transaction.
3.2 All details for the following categories of User transactions, separately from those recorded under 3.1 above:
(i) User transactions of value of at least AUD 10,000 (Ten Thousand Australian Dollars), or its foreign currency equivalent; and User transactions that are connected to each other and that take place within a month of each other, with a monthly aggregate of at least AUD 10,000 (Ten Thousand Australian Dollars), or its foreign currency equivalent; and
(ii) All Suspicious Transactions by way of deposits and credits, withdrawals into or from any accounts in whatsoever name they are referred to in any currency maintained by way of cheques including third party cheques, pay orders, demand drafts, or any other instrument of payment of money including electronic receipts or credits and electronic payments or debits; or transfers from one account within the same banking company, financial institution and intermediary, including to and from Nostro and Vostro accounts; or any other mode in whatsoever name it is referred to;
(iii) credits or debits into or from any non-monetary accounts such as demat account, security account in any currency maintained by ZebPay;
(iv) money transfer or remittances in favour of own Users or non-Users from Australia or abroad and to third party beneficiaries in Australia or abroad including transactions on its own account in any currency by any of the following:
- demand drafts, or
- telegraphic or wire transfers or electronic remittances or transfers, or
- internet transfers, or
- Automated Clearing House remittances, or
any other mode of money transfer by whatever name called;
4.1 ZebPay will maintain hard and soft copies of the above-mentioned records of Transactions in accordance with the procedure and manner, as may be specified under applicable laws or regulations, from time to time.
4.2 In addition to the above, ZebPay shall maintain records of transactions, as per its prevailing processes.
5.1 ZebPay may be required and / or directed to cooperate and aid the government and / or law enforcement authorities, police, investigating agencies, or Tribunals and Courts within the territory of Australia or from outside the said territory.
5.2 In such cases, subject to applicable laws with respect to data protection, ZebPay shall be entitled to disclose any information about the User that is in its possession or control, including to government or law enforcement officials, police, investigating agencies, Tribunals and Courts within and outside the territory of Australia.
5.3 In particular, ZebPay shall be entitled to initiate processes and disclosures, including but not limited to the following circumstances:
(i) information pertaining to or in pursuance of claims and legal process (such as summons / warrants);
(ii) to protect ZebPay’s property, rights, and safety and the property, rights, and safety of a third party or the public in general;
(iii) to identify and stop any activity that ZebPay considers illegal, unethical, or legally actionable.
(iv) ZebPay may, if so required under applicable law, disclose the necessary information to AUSTRAC or any Australian government departments.
(v) ZebPay also compiles records and audit and compliance notes to determine the efficacy of its internal audit systems on an ongoing basis, and such notes are submitted to ZebPay’s audit committee on a quarterly basis for this purpose.
6.1 Based on the various factors and risk parameters, the clients shall be categorised into "High", "Medium" and "Low" risk category. Frequency of risk monitoring for High Risk Customer should be Annual, Medium Risk Customer should be Two years and Low Risk Customer should be Three Years.
6.2 Certain clients may be of a higher or lower risk category depending on the circumstances such as the client’s background, type of business relationship or transaction, etc. The illustrative factors for risk profiling is given as under (list is indicative and can be expanded as per business requirements and experience):
(1) Geographical Location and Category of client.
(2) Nature of Business activity
(3) Financial Health vs Trade Volume
(4) Income Range
6.3 Risk based Monitoring approach shall be followed. Broad categories of monitoring and reason for suspicion and examples of suspicious transactions for ZebPay are indicated as under:
(1) Identity of Client
- False identification documents
- Identification documents which could not be verified within reasonable time.
- Doubt over the real beneficiary of the account.
- Accounts opened with names very close to other established business entities
(2) Suspicious Background
Suspicious background or links with known criminals
(3) Multiple Accounts
- Large number of accounts having a common account holder or authorized signatory with no rationale.
- Unexplained transfers between multiple accounts with no rationale
(4) Activity in Accounts
- Unusual activity compared to past transactions
- Sudden activity in dormant accounts
- Activity inconsistent with what would be expected from declared business
(5) Nature of Transactions
Unusual or unjustified complexity
No economic rationale or bonafide purpose
Source of funds/Cryptocurrencies are doubtful
(6) Value of Transactions
Value just under the reporting threshold amount in an apparent attempt to avoid reporting
Inconsistent with the clients apparent financial standing
Inconsistency in the transactions pattern by Customers.
6.4 ZebPay will ensure that information sought from the customer is relevant to the perceived risk, is not intrusive, and is in conformity with the guidelines issued in this regard. Any other information from the customer will be sought separately with the client’s consent and after opening the account.
Exceptions to this Policy is subject to the approval, and at the sole discretion of ZebPay Chief Compliance Officer, or a designated person. All exceptions must be documented, with reasons for the exceptions, including expiration or review date and, wherever necessary, including an action plan and timelines for compliance with the policy.
Without prejudice to the generality of the foregoing, screening of all individuals and entities against sanction programs such as for international/local sanction lists e.g UN, OFAC, EU, DFAT shall be undertaken and is mandatory. This is to ensure that the Company does not deal with any sanctioned individuals or entities. No accounts will be opened by ZebPay for any User who appears on the international sanction lists and local country watchlist of the jurisdiction i.e. DFAT that ZebPay business operates.
8.1 In risk-sensitive instances or where the customer is not present and there is some doubt e.g. due to online applications via its platform, the Company shall apply EDD measures. EDD measures are additional measures to the CDD measures.
8.2 EDD measures are applied in order to ensure that the higher risks presented by certain Customers and transactions are better monitored and managed to avoid any involvement in ML/Funding of Terrorism.
Thus, the Company applies EDD measures when the Operations Department classifies the Customer as high risk and, in all cases, where the customer is not present.
8.3 EDD measures are applied in the following cases:
(a) where the Applicant has not been physically present for identification purposes and classified as high risk subject to the Company's CDD measures;
(b) in relation to cross-border correspondent banking relationships; or
(c) in relation to a Business Relationship or Occasional Transaction with a PEP.
8.4 In the above-mentioned instances, the MLRO and the Designated Employee/s are to be consulted in order to confirm which of the EDD measures indicated hereunder are to be applied whenever the applicant is not present and classified as high risk customer (i.e. for non-face-to-face applicants i.e. online applications).
8.5 In addition to the three (3) specific instances mentioned above, the Company shall also conduct EDD measures in relation to a Business Relationship or a transaction connected to a jurisdiction listed under the public documents issued by the FATF as required in the guidance note on high-risk and non-cooperative jurisdictions.
(NOTE: the Company restricts these clients at this stage, so the previous provisions are in case these may change in the future).
8.6 Although only three (3) relationships are mentioned above, there may be other situations which, by their nature, can present a higher risk of ML/ Funding of Terrorism. The MLRO shall, therefore, use his/her discretion when applying EDD measures in such situations. The MLRO shall ensure that such measures are applied on a risk-sensitive basis and should be appropriate in view of the higher risk of ML/ Funding of Terrorism.
In addition to the identification and verification of identity measures to be carried out in accordance with the Identification and Verification of the Customer Section, the Operations Department shall apply one (1) or more of the following measures:
This measure entails a bank-to-bank transfer from an existing account through which the Customer would have already been identified by the Company. Therefore, the first payment or transaction into the account held by the Applicant may be an electronic card payment only where the electronic card used to affect the payment is linked to an account held by the payer with a credit institution. In such instance, the Customer must provide the service provider’s statement form the same Bank that prove that the credit card used is liked to Customer’s account with that Bank. Prepaid credit cards and E-money payments are not admissible for EDD purposes.
Note: This is the default check and will be incorporated into the checks by Operations.
POLITICALLY EXPOSED-PERSONS ("PEPs")
At the initial on-boarding stage (or if the client has been flagged as a PEP from a new review): The Company shall obtain such information directly from the Applicant (as part of the on-boarding questions) or from other readily available sources such as Experian, World Check, newspapers etc (the Company will automatically check if the Applicant is flagged as a PEP in the Watchlists of Experian on an automated basis). The Board of Directors’ or Senior Management approval is required in those cases where the Customer is categorized as a PEP. The application of EDD measures to PEPs is mandatory as long as the PEP remains entrusted with a prominent public function for a subsequent twelve (12) months from when he ceases to be so entrusted.
9.1 ZebPay shall exercise ongoing due diligence with respect to the business relationship with every User and closely examine the transactions in order to ensure that they are consistent with their knowledge of the User, his/her business and risk profile and where necessary, the source of funds.
9.2 ZebPay will also review its due diligence measures and undertake measures to re-verify the identity of a User and obtain further information on a User’s activities, if ZebPay has any suspicions of money laundering or the financing of terrorism.
9.3 All due diligence undertaken by ZebPay is documented, designed to consider all relevant risk factors in determining overall risk and the appropriate mitigation measures, is kept up to date; and will always be available to the relevant authorities and self-regulating bodies.
9.4 ZebPay will verify the identity of Users while carrying out transactions worth at least AUD 10,000 (Ten Thousand Australian Dollars), whether through a single transaction or a series of connected transactions.
9.5 Once a User has participated in transactions of a total value of at least over the course of his/her engagement with the ZebPay platform, or deposits or transacts in an amount of at least AUD 10,000 (Ten Thousand Australian Dollars) or equivalent foreign currency on the ZebPay Platform, ZebPay will also conduct ‘chain analysis’ to identify the relevant public address for such User and earmark such User as either as ‘high risk’, ‘medium risk’, or ‘low risk’ based on parameters such as the use of cryptocurrencies by such Users at online gambling websites, darknet websites, etc.
This limit AUD 10,000 (Ten Thousand Australian Dollars) or equivalent foreign currency may be revised by ZebPay from time to time, based on ZebPay’s determination of appropriate thresholds in accordance with ongoing compliance measures, and if so required under applicable Law.
9.6 ZebPay will, in particular, monitor the following categories of transactions, and will conduct due diligence on an ongoing basis on them:
(1) large, complex transactions, including those with unusual patterns that are inconsistent with a User’s normal / expected level of activity, without an apparent economic rationale or legitimate purpose; and
(2) transactions that involve high account turnover, inconsistent with the size of the balance ordinarily maintained by a User.
9.7 ZebPay will require Users to specify a bank account in the User’s own name (“the User Bank Account”) to which ZebPay will credit any funds payable to the User pursuant to the User’s trading activity on the ZebPay Platform. Users may request for ZebPay, from time to time, to change their User Bank Account, provided always that ZebPay will only entertain requests that are (i) in writing, (ii) specify a new bank account that is in the name of the User, and (iii) subject to ZebPay being satisfied, at its sole discretion, that the changing of bank account does not otherwise contravene ZebPay’s AML Policy. Otherwise, Users are hereby notified that as a matter of strict policy ZebPay will not entertain any request to credit the User’s funds into a bank account other than the User Bank Account.
9.8 As Users are not face-to-face customers of ZebPay, ZebPay may be required to undertake enhanced due diligence, including certification of all documents provided by the Users, calling for additional documents whenever necessary, and requiring that the first payments made by such Users be effected through the User’s KYC-compliant account with a bank. Any such requirements, as may be imposed under Applicable Law, will be incorporated into this AML Policy, and ZebPay reserves the right to update the AML Policy for this purpose.
9.9 ZebPay’s staff are trained in ZebPay’s due diligence and anti-money laundering measures, as well as all requirements prescribed under Applicable Law for this purpose and may be contacted at email@example.com if any User has questions or concerns about any of measures contained in this AML Policy.
10.1 In the event of knowledge or suspicion of ML/ Funding of Terrorism, and any knowledge, suspicion or reasonable grounds to suspect that the funds used in a transaction are the proceeds of a crime, the Company shall proceed as follows:
(i) the Company’s employee who has knowledge or suspicion of such ML/ Funding of Terrorism, shall report this matter to the MLRO.
(ii) once the MLRO has received all information relating to the knowledge or suspicion reported by the employee, he shall, together with the assistance of the Designated Employee/s, carry out a further investigation into the matter in order to decide whether such report is to be submitted to AUSTRAC as an SMR.
(iii) if the MLRO decides not to submit the report, he shall prepare a detailed report explaining his findings and the reasons for his decision and such report shall be kept in the Company’s records and retained for a period of seven (7) years in accordance with the Record Keeping Section above.
(iv) if on the other hand, the MLRO decides to submit the report to AUSTRAC, he shall complete the report in the form prescribed by AUSTRAC. This form may be filed online through the AUSTRAC website indicated above.
10.2 Any disclosures to AUSTRAC are to be made as soon as practicable, but in no circumstance, later than 24 hours after forming the relevant suspicion if the suspicion relates to terrorism financing; or three(3) business days after forming the suspicion in all other cases.
10.3 The time period mentioned in paragraph 10.2 for reporting a suspicious matter starts when the Company forms a 'suspicion on reasonable grounds'. This may occur at any time during the enquiry, request, proposal, or commencement stages of providing a designated service to the customer.
The User hereby agrees and undertakes to not indulge, assist, abet and encourage in any manner whatsoever, in any activity involving money laundering or financing of any illegal or unlawful activities.
Part 10 of the AML/CTF Act outlines the types of records ZebPay must retain, which includes records of or about:
- transaction records;
- electronic funds transfers;
- customer identification procedures;
- AML/CTF programs; and
- due diligence assessments of correspondent banking relationships.
In addition, digital currency exchanges providers are required to retain records about their registration on AUSTRAC's Digital Currency Exchange Register.
The AML/CTF Act requires reporting entities to retain records for seven(7) years after ceasing to provide a designated service - this is longer than the maximum period permitted under Part IIIA of the Privacy Act 1988 for retaining these types of records (generally five years). As such ZebPay shall maintain records of the identity of Users in soft copies in a manner, as may be specified under the AML/CTF Act or such applicable laws or regulations, from time to time, and in the absence thereof, from the date of cessation of the transactions between the User and ZebPay for a period of Seven (7) years.
13.1 Any notice or other communication provided for in this Agreement shall be sent only through electronic mail. User hereby agrees to receive electronic or any other form of communication and notifications from ZebPay. Email messages sent over the Internet are not always secure and ZebPay is not responsible or liable for non-receipt of such communication by User. Once the email is dispatched by ZebPay, it shall be deemed to have been served on the User. ZebPay shall be deemed to have received communications from the User only upon actual receipt into the Inbox of the account of the person to whom such communication is addressed and acknowledged. ZebPay shall not be liable or responsible for non-receipt of communications or for any damages incurred by the result of sending email messages over the Internet.
13.2 All communications to User shall be at the electronic mail address provided by User, as part of the KYC norms. User shall ensure that any change in the electronic mail address or communication option is duly intimated to ZebPay.
14.1 This Agreement shall be governed by and construed in accordance with the laws of Australia.
14.2 The parties agree to irrevocably submit to the exclusive jurisdiction of the courts in Australia for the resolution of any disputes arising from this Agreement or in connection therewith or pursuant thereto.
16.1 The invalidity or unenforceability of any provision of this Agreement shall not in any way affect, impair or render unenforceable this Agreement or any other provision contained herein, which shall remain in full force and effect.
16.2 This Agreement shall be considered divisible as to such provision, which is deemed to be invalid or unenforceable, the remainder of this Agreement shall be enforceable and binding on the Parties.
No provision of this Agreement may be waived or changed except by a writing signed by the party against whom such waiver is sought to be enforced. The failure or omission by either party at any time to enforce or require strict or timely compliance with any provision of this Agreement shall not affect or impair that provision or any other provision in any way or the rights of such party hereof, to avail itself of the remedies it may have in respect of any subsequent breach of that or any other provision.
The Recitals, Schedules and Annexures in this Agreement shall form part of this Agreement and the contents thereof shall be read into this Agreement. Headings are for the purpose of easy reference and shall not affect the meaning or interpretation of this Agreement.
This Agreement, and the other agreements contemplated hereby, constitute the entire agreement.
ZebPay is an entity registered with the Australian Anti-Money Laundering ("AML") regulators, i.e. AUSTRAC.
ZebPay shall appoint a Principal Officer and a Designated Director who will be designated Senior Management as required under Applicable Law, along with setting up a compliance team, who shall be responsible for ensuring compliance, monitoring transactions, and sharing and reporting information as required under the law/regulations.
22.1 These terms may be periodically reviewed and revised. The revised terms will be uploaded on the ZebPay Website and will reflect the modified date of the terms. The User is required to periodically visit the website and review the terms and any changes thereto.
22.2 Continued use of the ZebPay Services constitutes the agreement of User to the terms contained herein and any amendments thereto.
22.3 This agreement or the responsibilities or benefits arising therefrom cannot be assigned by User save and except with the prior written consent of ZebPay.
All other provisions of the ZebPay Terms of Service shall be read into this policy and shall form part hereof, including Governing Laws and Jurisdiction, notices, severability, assignment and such or other provisions.