Compliance & Risk Manual GCBIB
Version 1.1 Date 20.6.2019
HashFort OÜ (Company Registry 14648319)
Peterburi tee 47, Lasnamäe linnaosa,
Tallinn, Harju maakond,
11415 Estonia -
HASHFORT OÜ, sees adherence to Anti Money Laundering (AML) and Know Your Customer (KYC) regulations as fundamental to its business. At HASHFORT OÜ, we consider meeting the standards of the Swiss regulator (FINMA and the SRO) a competitive advantage.
Global penetration is presently under 2%. A major reason for this is the unease amongst potential clients that it is illegal, could be abused in the Darkweb and for terrorist financing. HASHFORT OÜ sees a huge advantage in making the HASHFORT OÜ accessible to the much larger 98% of the global population, by:
Our compliance and Risk Management processes will be aligned along the following structure:
HASHFORT OÜ will regularly update the measures and checks detailed in the following sections, in order to be compliant and deliver added value on an ongoing basis to our clients.
External data sources for these controls will be consulted, updated and reviewed on an ongoing basis to make sure all systems are up to date.
To access our platform / services, all potential clients have to register. Without registration, none of our services, internal pages, products etc. are accessible to users. HASHFORT OÜ cannot be bought, sold or transferred without being duly registered on our platform.
Clients can register for our products and services at our website HashFort OÜ.net
The following information will be required in order for natural persons to register for our products and services:
The following information will be required for the legal entities:
The verification of the client’s identity is compliant with FINMA (Rz 32 ff. FINMA-RS 2016/7) regulations. The following guidelines will be adhered to:
All captured KYC and identity data will be stored and protected based on our privacy rules and would be available for audit purposes to regulators.
The following check will be carried out based on the information gathered in A1 & A2:
The domicile of the applicants will be checked against a list of countries that are permitted to register on our platform and clients that do not meet these requirements will not be on-boarded. Applicants domiciled in any of the following countries on the UN embargos list will not be on-boarded on our platform:
Applicants from high risk countries (based on Country list VQF Doc-No. 902.4.1), will be on-boarded, but subjected to enhanced due diligence.
Applicants stating that they are working in the following sensitive areas will not be on-boarded on our platform:
All applicants will be checked against globally accepted data on political exposure and tagged as such. All PEP’s will be placed on our enhanced due diligence list and monitored regularly.
All applicants who pass these checks, will be confirmed by the AMLA and a relationship will be opened with them. They will receive an email to their indicated email address, with an email verification link. They will receive an sms to their indicated phone number, with an OTP verification code. Once the email and the phone number is verified, the account will become active and the client will receive an initial password to login to the platform. Clients will be required to change their passwords after the first login.
Clients would have the possibility of updating their personal data in the platform on an ongoing basis, and this will always trigger a review of the relationship.
An annual review of each client’s KYC data will be conducted to ensure that KYC data are up to date.
HASHFORT OÜ in line with the AML guidelines will monitor on an ongoing basis, all transactions on its platform. Considering that we have a blockchain solution, all transactions – buy, sell and transfer of HASHFORT OÜ are written on the blockchain and cannot be changed or deleted. This creates a transaction history of each client’s interaction from the first time they register on the platform.
B1 – AML Monitoring
In order to guard against any form of money laundering, the following measures are in place for all clients on our platform:
B2 – Threshold Checks
In order to guard against any form of money laundering, the following threshold check will be performed for all clients on our platform:
HASHFORT OÜ realizes that in order to have proper risk mitigation, there will be borderline cases that require actual human intervention and decision. Our EDD process is meant to capture all borderline cases, EDD triggers and any other unforeseen situations that our processes do not cover.
All EDD cases must follow a 4-eyes principle. Cases will be dealt with by customer services’ personnel and referred to AMLA (Risk Officer) for the final decision and approval. The AMLA if unsure, can refer the case to the BoD for final decision.
All EDD cases have to be properly documented and flagged in the system. The following are to be captured:
Depending on the trigger, various measures need to be taken in order to validate whether the client is in violation with AML or other regulations. The following measures amongst others could be applied in order to create transparency and decisions:
Where a client is proven to be circumventing or breaching AML or KYC regulations, the following measure shall be taken: