The 5AMLD introduces a definition of ‘virtual currency’ and requires cryptocurrency exchange platforms and custodian wallet providers to implement financial crime preventive measures, including customer due diligence, and report suspicious transactions.

The 5AMLD is a gatekeeper between the fiat and crypto-asset worlds, namely cryptocurrency exchange platforms and custodian wallet providers.

These measures will address the money laundering and terrorist financing risks and will have no negative effects on the benefits and technological advances presented by blockchain technology underlying virtual currencies.


What is KYC

Know your customer client onboarding is a process and is divided into several stages:

Step 1: We will begin the customer onboarding process with the gathering of relevant data and customer identification documents.

Step 2: Once we have collected the relevant information, the process of identity verification along with relevant data authentication begins. This includes in-depth background checks relating to previous financial transactions, previous employment and other activities.

Step 3: Further investigation into the potential customers history often occurs during the early, this is designed to detect any previous history of suspicious or fraudulent activities. Other areas of investigation could also include any activities that could be a red flag within the scope of Anti-Money Laundering, fraud prevention protocols, or even previous involvement with Counter Financing Terrorism (CFT) investigations.

Step 4: The resulting information is then analysed and, based on the findings, will be used to classify the potential customer in one of three main brackets: low risk, medium risk or high risk.

We have designed our KYC process to ensure that your company always meets all compliance requirements and result in a positive user experience, with fewer dropouts during the application process.



KYC

The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017

Those who intend to establish a business relationship with BCB Xchange Ltd, carry out an occasional transaction that amounts to a transfer of funds within the meaning of Article 3.9 of the funds transfer exceeding 1,000 euros or the equivalent in GBP

If we suspect money laundering or terrorist financing; or if we doubt the veracity or adequacy of documents or information previously obtained for the purposes of identification or verification.

A relevant person who is not a high value dealer will be required to complete our customer due diligence processes if the person carries out an occasional transaction that amounts to 15,000 euros or more or the equivalent in GBP, whether the transaction is executed in a single operation or in several operations which appear to be linked.

A high value dealer must also apply customer due diligence measures if that dealer carries out an occasional transaction in cash that amounts to 10,000 euros or more or the equivalent in GBP, whether the transaction is executed in a single operation or in several operations which appear to be linked.

This regulation applies to all who intend to use the BCB Market platform, a BCB Xchange Limited product


Customer onboarding CDD

For individuals:

We will

  1. Identify the customer unless the identity of that customer is known to, and has been verified by the MLR Officer;
  2. Verify the customer’s identity unless the customer’s identity has already been verified by the MLR Officer; and
  3. Assess, and where appropriate obtain information on, the purpose and intended nature of the business relationship or occasional transaction.

The MRLO will conduct ongoing monitoring of a business relationship, including

  1. Scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the relevant person’s knowledge of the customer, the customer’s business and risk profile;
  2. Undertaking reviews of existing records and keeping the documents or information obtained for the purpose of applying customer due diligence measures up to date.

The ways in which BCB Xchange Ltd complies with the requirement to take customer due diligence measures, and the extent of the measures taken

  1. Will reflect
    1. the risk assessment carried out by the MRLO under regulation  18(1);
    2. its assessment of the level of risk arising in any particular case;
  2. may differ from case to case.

In assessing the level of risk in a particular case, the relevant person must take account of factors including, among other things

  1. The purpose of an account, transaction or business relationship;
  2. The level of assets to be deposited by a customer or the size of the transactions undertaken by the customer;
  3. The regularity and duration of the business relationship.

For the purposes of this regulation

  1. “verify” means verify on the basis of documents or information in either case obtained from a reliable source which is independent of the person whose identity is being verified;
  2. Documents issued or made available by an official body are to be regarded as being independent of a person even if they are provided or made available to the relevant person by or on behalf of that person.

Where, in relation to any customer, the MRLO will be unable to apply customer due diligence measures as required by regulation  28, the MRLO will

  1. not carry out any transaction through a bank account with the customer or on behalf of the customer;
  2. not establish a business relationship or carry out a transaction with the customer otherwise than through a bank account;
  3. terminate any existing business relationship with the customer;
  4. consider whether the MRLO is required to make a disclosure (or to make further disclosure) by
    1. Part 3 of the Terrorism Act 2000( 1 ); or
    2. Part 7 of the Proceeds of Crime Act 2002( 2 ).

Requirements by customer to utilise the platform

A valid proof of identity and a proof of current residential address will be required for those person(s) who ultimately owns or controls the entity and/or the person on whose behalf the transaction is being conducted.

The primary form of identification must bear a photograph and signature. We prefer to see the original

document, but if this is not possible, copies must be certified as a true copy of the original,

  • Full UK or foreign passport
  • Full UK or foreign photo card driving licence
  • Photo card national identity card

The passport, driving licence or national identity card must be valid, up to date and be signed by the holder.


Proof of Address

The second form of identification must confirm the individual’s permanent residential address.

  • Full UK photo card driving licence bearing residential address (if not already used as your proof of identity)
  • UK or foreign bank credit card / bank statement (dated within the last three months and not printed from the internet)
  • UK mortgage statement (dated within the last 12 months and not printed from the internet)
  • UK council tax bill (for the current year)
  • Letter/bill from utility company (less than 3 months old, except for water bills, which must relate to the current charging period). The letter you receive must confirm you receive a service from the company. Mobile phone bills are not accepted.
  • UK TV Licence letter or Direct Debit schedule (less than 12 months old). This should confirm your name, address and existence of a TV Licence.
  • Voters Roll search

Proofs of ID and address will also be required on a risk-based approach for those person(s) who will transact with BCB Xchange Ltd and/or give BCB Xchange Ltd instructions concerning the use or transfer of funds or assets. This may include the entities Directors (or equivalent), Authorised Signatories, etc. Additional background information on the individual (s)’ background may be required on a risk-based approach.

Proof of residential address which shows the name of the customer opening the account (documents showing joint names for couples are acceptable). Any one of the following:

  • Valid, full driving license (unless already provided as proof of identity)
  • Utility bill (such as gas, water, electricity, although NOT a mobile phone bill)
  • Television license
  • Home or motor insurance policy document or certificate
  • Council tax (or equivalent) bill

All documentation must be from a recognised or verifiable provider and must not be more than three months old. Please note that mobile telephone bills, store card statements and any documents showing a "care of address" or non- residential address cannot be accepted.

If any party has previously been identified by BCB Xchange Ltd or BCB ATM Ltd in conjunction with another service, please indicate this on the KYC Form if you would like us to use previously supplied information (provided this remains up-to-date and valid). If Credit Reference Agency searches are required, these may be refreshed if necessary.


Use of data and retention period

All personal information and documentation will solitarily be used for internal compliance purposes. BCB Xchange Ltd will retain copies of all documentation provided for at least 10 years from the last date on which the customer transacts on BCB Market

However, to prevent crime and/or verify your identity, we may exchange information where appropriate, with fraud prevention agencies, law enforcement agencies, debt recovery agencies and other organisations. If you give us false or inaccurate information and potential fraud is identified, details will be passed to fraud prevention agencies to prevent fraud and money laundering. We may use credit reference agencies in order to verify your identity using information from the Electoral Register and other public sources. We may use details of your credit history (together with those of any financial associate with whom your financial records have been linked by the credit reference agencies) to assess your suitability for an investment and your ability to meet your financial commitments.


Certification of Documents

People who can certify documents are:

  • Employees of Homes England (for UK-issued documentation only upon sight of the original)
  • A qualified lawyer or attorney, registered with the relevant national professional body
  • A qualified accountant, registered with the relevant national professional body
  • A notary public, a member of the judiciary, a senior civil servant or a serving police officer
  • A director, manager or bank counter staff of a bank or an authorised credit or financial institution and stamped with an official stamp
  • A British Embassy, consulate or high commission officer in the country of issue
  • A chartered secretary, registered with the Institute of Chartered Secretaries and Administrators
  • A chartered legal executive registered with the Chartered Institute of Legal Executives
  • A Commissioner for Oaths
  • Licensed Conveyancer
  • An employee of the UK Post Office

Please note that individuals within the above categories in most countries are acceptable but exceptions may apply. If you require further information on the exceptions before providing the documentation please liaise with the MRLO.


Politically Exposed Persons

Politically Exposed Persons (PEPs) / Sanctions checks – additional information relating to country of birth/ country of residence etc. for key controllers/beneficiaries may be required to enable enhanced due diligence to be performed if required.

Where Heliocor reveals that a prospective customer is a PEP, BCB Xchange Ltd cannot take on such an individual as a customer without the consent from the managing director or head of compliance.

In addition, the prospective customer will be required, at customer take on stage, to provide information, with supporting evidence of their source of wealth:

  • Their current salary and other income; and
  • Their liquid assets (including cash and investment portfolio).

The information provide on source of wealth will be required to provide some context to the source of funds for transactions (see below).


Blacklisted Jurisdictions/Watchlists

When assessing whether there is a high risk of money laundering or terrorist financing in a particular situation, and the extent of the measures which we will take to manage and mitigate that risk, the MRLO will take account of risk factors including, among other things

  1. customer risk factors, including whether
    1. the business relationship is conducted in unusual circumstances;
    2. the customer is resident in a geographical area of high risk
    3. the customer is a legal person or legal arrangement that is a vehicle for holding personal assets;
    4. the customer is a company that has nominee shareholders or shares in bearer form;
    5. the customer is a business that is cash intensive;
    6. the corporate structure of the customer is unusual or excessively complex given the nature of the company’s business;
  2. product, service, transaction or delivery channel risk factors, including whether
    1. the product involves private banking;
    2. the product or transaction is one which might favour anonymity;
    3. the situation involves non-face-to-face business relationships or transactions, without certain safeguards, such as electronic signatures;
    4. payments will be received from unknown or un-associated third parties;
    5. new products and new business practices are involved, including new delivery mechanisms, and the use of new or developing technologies for both new and pre-existing products;
    6. the service involves the provision of nominee directors, nominee shareholders or shadow directors, or the formation of companies in a third country;
  3. geographical risk factors, including
    1. countries identified by credible sources, such as mutual evaluations, detailed assessment reports or published follow-up reports, as not having effective systems to counter money laundering or terrorist financing;
    2. countries identified by credible sources as having significant levels of corruption or other criminal activity, such as terrorism (within the meaning of section 1 of the Terrorism Act 2000( 1 )), money laundering, and the production and supply of illicit drugs;
    3. countries subject to sanctions, embargos or similar measures issued by, for example, the European Union or the United Nations;
    4. countries providing funding or support for terrorism;
    5. countries that have organisations operating within their territory which have been designated
      1. by the government of the United Kingdom as proscribed organisations under Schedule 2 to the Terrorism Act 2000( 2 ), or
      2. by other countries, international organisations or the European Union as terrorist organisations;
    6. countries identified by credible sources, such as evaluations, detailed assessment reports or published follow-up reports published by the Financial Action Task Force, the International Monetary Fund, the World Bank, the Organisation for Economic Co-operation and Development or other international bodies or non-governmental organisations as not implementing requirements to counter money laundering and terrorist financing that are consistent with the recommendations published by the Financial Action Task Force in February 2012 and updated in October 2016

BCB Xchange Ltd will not onboard customers or engage in a business relationship with parties from certain geographical jurisdictions for the purpose of moderating compliance risk. BCB Xchange will uphold guidelines set for international sanction requirements imposed by, among others, the United States.

BCB Xchange Ltd will not in any occurrences transact with parties incorporated in/a resident of or with financial operations in, the following countries:

The Bahamas

Sri Lanka

Botswana

Syria

Ethiopia

Trinidad and Tobago

Ghana

Tunisia

Pakistan

Yemen

Serbia

Cambodia

North Korea

Iran

Furthermore, BCB Xchange Ltd maintains procedures to detect parties who emerge on assorted international sanctions lists. BCB Xchange Ltd will not under any circumstances accept customers or otherwise do business with parties appearing on these sanctions lists.


Refreshed CDD

The MRLO will request a new set of KYC documentation provided by individual customers in the following circumstances:

  • Every twelve months following the initial take-on of the customer:
    • Fresh photo ID documentation where the documentation previously supplied has since expired.
    • Fresh proof of address documentation.
  • Where a customer who has not traded for the previous twelve months wishes to trade:
    • Fresh photo ID will be required where the documentation previously supplied has since expired.
    • Fresh proof of address documentation.

A new Heliocor check will be carried out whenever new customer documentation is received.

A new PEP and sanctions check will be carried out on each individual, director or 25%+ ultimate beneficial owner every three months from initial onboarding, or, if a counterparty has not traded in the previous three months, before any subsequent trade can be executed.


Constant CDD

BCB Xchage will conduct ongoing monitoring of its business relationships on a risk-sensitive basis. Ongoing monitoring means scrutinising transactions to ensure that they are consistent with what we know about the customer and taking steps to ensure that our knowledge about the business relationship remains current. As part of this, we must keep documents, data and information obtained in the CDD context (including information about the purpose and intended nature of the business relationship) up to date. We will apply CDD measures if we doubt the truth or adequacy of previously obtained documents, data or information.

Where the risk associated with the business relationship is increased, firms we will carry out enhanced ongoing monitoring of the business relationship. 

Constant CDD is required under Regulation 27(8) of the 2017 Regulations for existing clients at appropriate times based on the risk-based approach adopted by BCB Xchange Ltd. Any member of staff becomes aware that the circumstances of an existing customer which are relevant to a previous assessment of the risk of money laundering or terrorist financing have changed.

  • Where there are indications that the identity of a customer or, in relation to a corporate body, its beneficial owner, has changed.
  • A customer is carrying out transactions which are not reasonable consistent with BCB Xchange Ltd.’s previous knowledge or experience of that customer.
  • The purpose or intended nature of BCB Xchange Ltd.’s relationship with the client change for any reason.
  • There exist any other events or circumstances which might affect BCB Xchange Ltd.’s assessment of the money laundering or terrorist financing risk in relation to that customer.

Potential issues to be aware of include (not an exhaustive list):

  • Where the identity of the holder of the bank account from which funds are being remitted to BCB Xchange Ltd does not match the name of the customer which BCB Xchange Ltd has on file. Where such funds are received, no trade should take place and BCB Xchange Ltd staff should immediately contact the customer to request an explanation, which once received should be referred to the managing director or head of compliance. In the case of joint accounts where one account holder is the customer, KYC documentation should be obtained in the other account holders before any trade can proceed. Money should not be returned to the customer without the consent of the head of compliance (an immediate return of funds may alert a customer that money laundering is suspected, thus exposing BCB Xchange Ltd and its staff to criminal liability under the “tipping off” offence under POCA).
  • Being asked to accept cash to trade with BCB Xchange Ltd. BCB Xchange Ltd operates a strict no-cash policy.
  • Becoming or being made aware that the cryptocurrency wallet from which BCB Xchange Ltd is receiving cryptocurrency or to which it is asked to transfer cryptocurrency does not belong to the client.
  • Any unusual pattern of trades, such as a one-off large trade or series of large trades, which is inconsistent with historic trading patterns.

Anything which raises suspicions in relation to a customer should be reported to the managing director or head of compliance immediately.


Source of Funds or Digital Assets

Source of wealth/source of funding for key controllers/beneficiaries/company, we will require details of how the entity and/or key controllers/beneficiaries generated their wealth and clarification as to where the funds for the transaction originate from. Documentary evidence will be required.

Certain trades will require confirmation as to proof of funds/wealth before they can be made. These are:

  • Any transaction from a PEP customer;
  • Any transaction from a non-PEP customer with a fiat value in excess of Euros 15,000; and
  • Any transaction from a non-PEP customer which would result in that customer having completed transactions with a fiat value of more than Euros 15,000 with BCB Xchange Ltd in the previous 12 months.

Customers requested to provide confirmation of source of funds should provide:

  • An explanation of where the funds for the trade in question have originated (from income, savings, liquidation of another asset etc).
  • Depending on the explanation of the source of funds, documentary evidence of the explanation, such as copy bank statements, investment account records or a solicitors’ or accountants’ letter confirming source of funds.
  • In the case of cryptocurrency-to-fiat transactions, evidence of the original fiat-to-cryptocurrency transaction and the source of the fiat funds for that original acquisition. This will include details of the original transaction or transactions, including time, date and transferor/transferee wallet details. BCB Xchange Ltd reserves the right to carry out due diligence via analysis of the blockchain to verify past transactions, including

For high value transactions, BCB Xchange Ltd also reserve the right to verify that the cryptocurrency wallet from which a client is sending cryptocurrency or to which BCB Xchange Ltd is asked to send cryptocurrency belongs to that client. This will typically consist of a small pilot transfer of cryptocurrency to the client wallet which the client will transfer back to evidence of client wallet control.

The MRLO must be consulted in each source of funds request and, following receipt of relevant documentation, his/her consent obtained before any trade may take place.


Policies and Procedures

We will maintain policies and procedures before and during the use of our platform to mitigate the risk of money laundering and terrorist financing. We will review these policies regularly to ensure we comply with any changes in regulation or where amendments are necessary for the purpose of safeguarding our customers. The prevention of money laundering through our platform will be monitored through key topics listed below:

  • Customer due diligence/Enhanced due diligence on onboarding new customers
  • Ongoing due diligence throughout customers trading period
  • Record keeping
  • Transaction monitoring
  • Reporting
  • Internal controls for management and staff


Money Laundering Reporting Officer (MLRO)

The MLRO will oversee the management and enforcement of the policies and procedures to ensure that the appropriate systems are in place. Training will be provided to all staff, including management in regard to the systems in place to cover the key topics.



Customer Due Diligence

CDD is required to establish a business relationship with its customers. CDD will be required at the time of sign up on our platform or before performing any transactions. We require certain documents that must be submitted to complete verification. Please see table below of accepted documentation.



Individuals
Type Document
Photo Identification
  • Passport
  • Driving Licence
  • National ID Card
Proof of Address
  • Driving Licence (If not used for Photo ID)
  • Utility Bill
  • TV Licence
  • Home or Motor Insurance Document
  • Council Tax Bill
Photo
  • Selfie Taken at the time of application

We will retain copies of submitted documents throughout the entirety of the business relationship with the customer and for 10 years after the date the relationship has ended. Documentation and personal data will only be used for compliance purposes.



CDD Provider

We us Heliocor to conduct additional identity verification. Each new customer’s details will be submitted to the Heliocor platform and a report will be generated for that customer. If the report flags any issues with the documentation provided, we will take steps to obtain additional documentation to satisfy the information provided by the customer is true and accurate. The Heliocor platform will also report on whether the customer is a Politically Exposed Person or appears on an international sanction or watch list.



Record Keeping

We will retain all copies of documentation that was submitted by the customer when establishing a business relationship, and any other documentation submitted to us during the business relationship. This information will be retained though-out the business relationship and for 10 years after the business relationship has ended.
Records of transactions including, deposits, trades and withdrawals will be retained for 10 years from the date of transaction.
Personal data will be used to establish a business relationship with the customer and for the prevention of money laundering or terrorist financing.



Transaction Monitoring & Reporting

Transactions made on our platform will be monitored by trained staff. Any suspicious activity will be flagged and reported to the relevant bodies.



Internal Controls for Staff and Management

Staff members will be required to review the policies and procedures. They will be required to read and understand the content, and training will be provided for staff to act upon in accordance to this policy. Changes made to the policies and procedures will be communicated to staff when available and in a timely manner. Compliance with the policies will be monitored by the MLRO on a regular basis to ensure we remain compliant with UK AML regulations.



Risk Assessment

To mitigate the risk of money laundering, we have adopted procedures in our deposit and withdrawal operations. We have identified the following risks and have adopted the best practice on our platform to prevent this:

  • Third party deposits (Fiat assets)
  • Third party withdrawals (Digital assets and Fiat assets)


Fiat Deposits

Customer fiat deposits are only permitted from pre-registered bank accounts in the customer’s name.

Before a deposit is accepted, customers are required to register at least 1 bank account up to a maximum of 3. Requests to add a new bank account are submitted and checked by our team by confirming the account details against a recent bank statement of the customer.

We will not permit third party bank account details to be added to a customer's account. If we suspect any attempt to deposit funds into our platform using a third-party account, funds will be frozen, and the customer account will be suspended. Further documentation will be required for funds to be released back to the originating account.


Digital Asset Withdrawal

Customer digital asset withdrawals are only permitted from pre-registered wallet addresses belonging to the customer. Customers are required to confirm that the registered wallet address belongs to them. Customers are only permitted to change 1 of the 3 withdrawal wallet addresses per month.

Before a withdrawal is accepted and processed, customers are required to register at least 1 wallet address up to a maximum of 3. Requests to add a new withdrawal wallet address are submitted and checked by our team by confirming that the wallet address exists against public block explorers.

We will not permit third party wallet address details to be added to a customer’s account. If we suspect any suspicious activity on our platform using a third-party wallet address, or addresses list on out blacklist, funds will be frozen, and the customer account will be suspended. Further documentation will be required for funds to be released.


Fiat Withdrawals

Customer fiat withdrawals are only permitted from pre-registered bank accounts in the customer’s name.

Before a withdrawal is accepted and processed, customers are required to register at least 1 bank account up to a maximum of 3. Requests to add a new bank account are submitted and checked by our team by confirming the account details against a recent bank statement of the customer.

We will not permit third party bank account details to be added to a customer’s account. If we suspect any attempt to withdraw funds into a third-party account from out platform, funds will be frozen, and the customer account will be suspended. Further documentation will be required for funds to be released.

Updated: 9th January 2020

Find out more about BCB Market™

icon
Compliance

We believe legal compliance is key to growing digital finance. Have a read through our policies for an overview of how we keep our customers assets secure.

learn more
icon
About BCB Market™

Learn about our journey in the Crypto industry and the team that built it. Have a look at our other services within this space and how we are re-shaping digital finance.

learn more