Anti-Money Laundering (AML) Policy

1. Introduction

1.1 Purpose

The purpose of this Anti-Money Laundering (AML) Policy is to establish and maintain a comprehensive framework to prevent and detect money laundering activities within StoneBridge. This policy outlines the measures and controls necessary to comply with applicable laws and regulations.

1.2 Scope

This policy applies to all employees, officers, directors, and agents of StoneBridge, as well as any third-party service providers engaged by the company.

1.3 Definitions

• Money Laundering: The process of concealing the origins of illegally obtained money, typically by means of transfers involving foreign banks or legitimate businesses.
• Suspicious Activity: Transactions or activities that may indicate money laundering or other financial crimes.
• Know Your Customer (KYC): The process of verifying the identity of clients to prevent illicit activities.

2. Regulatory Framework

2.1 Applicable Laws and Regulations

StoneBridge complies with all relevant local, national, and international AML laws and regulations, including but not limited to:

• [List specific laws and regulations, e.g., Bank Secrecy Act, EU AML Directives, etc.]

2.2 Regulatory Authorities

The following authorities oversee AML compliance:

• [List relevant regulatory bodies, e.g., Financial Crimes Enforcement Network (FinCEN), etc.]

3. Responsibilities

3.1 Board of Directors

• Ensure the implementation and effectiveness of the AML Policy.
• Provide necessary resources for AML compliance.

3.2 AML Compliance Officer

• Oversee the AML program.
• Conduct regular risk assessments.
• Ensure ongoing training and awareness programs.

3.3 Employees

• Understand and adhere to the AML Policy.
• Report any suspicious activities to the AML Compliance Officer.

4. Risk Assessment

4.1 Risk Identification

• Assess the risk of money laundering activities based on factors such as customer type, geographic location, products and services offered.

4.2 Risk Mitigation

• Implement controls to mitigate identified risks, including enhanced due diligence for high-risk customers.

5. Customer Due Diligence (CDD)

5.1 Customer Identification Program (CIP)

• Verify the identity of customers using reliable, independent source documents, data, or information.

5.2 Enhanced Due Diligence (EDD)

• Conduct additional scrutiny for customers presenting higher risk factors, such as politically exposed persons (PEPs) or those from high-risk jurisdictions.

5.3 Ongoing Monitoring

• Continuously monitor transactions and customer behavior to identify and report suspicious activities.

6. Reporting Procedures

6.1 Suspicious Activity Reports (SARs)

• File SARs with the appropriate regulatory authorities when suspicious activities are detected.

6.2 Internal Reporting

• Establish internal channels for employees to report suspicious activities confidentially.

7. Record Keeping

7.1 Documentation

• Maintain records of all transactions, customer identification, and due diligence efforts for a minimum of 15 years.

7.2 Accessibility

• Ensure that records are easily accessible for review by regulatory authorities upon request.

8. Training and Awareness

8.1 Employee Training

• Provide regular AML training to all employees to ensure understanding of policies, procedures, and legal obligations.

8.2 Awareness Programs

• Conduct ongoing awareness initiatives to keep AML issues at the forefront of the company’s operations.

9. Compliance Monitoring and Auditing

9.1 Internal Audits

• Perform regular internal audits to assess the effectiveness of the AML program and identify areas for improvement.

9.2 Compliance Reviews

• Conduct periodic reviews of AML policies and procedures to ensure they remain up-to-date with regulatory changes.

10. Sanctions and Disciplinary Actions

10.1 Non-Compliance

• Define consequences for non-compliance with the AML Policy, including disciplinary actions up to and including termination.

10.2 Reporting Violations

• Encourage employees to report violations without fear of retaliation.

11. Policy Review

11.1 Regular Updates

• Review and update the AML Policy annually or as required by changes in laws and regulations.

11.2 Approval Process

• Ensure that all policy updates are approved by the Board of Directors or designated authority.

---

Effective Date: 1 January, 2025
Last Reviewed: 1 January, 2025
Approved By: Werksmans