Last Updated: January 2023
CONTACT US
If you have any questions about this Privacy Policy, You can contact us:
By email: compliance@transfi.com
By visiting this page on our website: www.transfi.com
OUR ENTITIES
TransFi operates through Trans-Fi UAB (“TransFi”, “we”, “us”, “our”) in order to provide services TransFi may share your personal data with its other entities (subsidiaries and affiliates) and use it in accordance with this Privacy Policy.
Address: Pramones 10G, Vilnius, Lithuania LT-11118
Code: 306117433
The objective of TransFi’s (all subsidiaries and affiliates) privacy policy is to commit to protecting the privacy of users and customers to our website & services. Please read this carefully as this policy is legally binding when you use our Services. For the purpose of the relevant data protection regulations, TransFi is the “data controller” of your information.
This Privacy Policy describes how we collect, use, handle and, under certain conditions, disclose your personal data, when you access our services, which include our content on the website located at www.transfi.com or any other websites, pages, features, or content we own or operate (collectively, the “Website (s)”), or any TransFi API or third party applications relying on such an API, and related services (referred to collectively hereinafter as “Services”).
This Privacy Policy also explains the steps we have taken to secure your personal information. Finally, this Privacy Policy explains your options regarding the collection, use and disclosure of your personal information. By visiting the site, you accept the practices described in this privacy policy for the site.
If you have any questions about this policy, please send them to compliance@transfi.com
Personal information means any data which relates to a living individual who can be identified from that data, or from that data and other information, which is in the possession of, or is likely to come into the possession of, TransFi (or its representatives or service providers). In addition to information, it includes any expression of opinion about an individual and any indication of the intentions of TransFi or any other person in respect of an individual. The definition of personal information depends on the relevant law applicable for your physical location. TransFi may collect and use the following data about you.
This includes information you provide to us in order to establish an account and access our Services. This information is either required by law (e.g. to verify your identity), necessary to provide the requested services (e.g. you will need to provide your bank account number if you would like to link that account to TransFi), or is relevant for our legitimate interests described in greater detail below.
The nature of the Services you are requesting will determine the kind of personal information we might ask for, but may include:
This includes information we collect automatically, such as whenever you interact with the Sites or use the Services. With regard to your use of our Services we may automatically collect the following information:
We may receive information about you if you use any of the other websites we operate or the other services we provide This includes information we may obtain about you from third party sources. The main types of third parties we receive your personal information from are:
We may use your information in the following ways and for the following purposes:
(a) Internal Use: We use your personal information to provide you with our services. We may internally use your personal information to improve the Site’s content and layout, to improve our outreach and for our own marketing efforts (including marketing our services to you), and to determine general information about visitors’ usage behavior to the Site. We require certain information such as your identification, contact and payment information. Third parties that we use such as identity verification services may also access and/or collect your personal information when providing identity verification and/or fraud prevention services. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. The consequences of not processing your personal information for such purposes is the termination of your account.
(b) Communications with You: According to your preferences and in compliance with applicable law, we may send you marketing communications to inform you about events, to deliver targeted marketing and to share promotional offers. If you are a new customer, we will contact you by electronic means for marketing purposes only if you have consented to such communication. If you do not want us to send you marketing communications, please go to your account settings to opt-out or submit a request via compliance@transfi.com.
We may send you service updates regarding administrative or account-related information, security issues, or other transaction-related information. These communications are important to share developments relating to your account that may affect how you can use our Services. You cannot opt-out of receiving critical service communications.
We also process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.
(c) To maintain legal and regulatory compliance: TransFi needs to process your personal information in order to comply with Anti-Money Laundering and security laws. In addition, when you seek to link a bank account to your TransFi account, we may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. We may be required to disclose certain information in response to requests from law-enforcement officials conducting investigations; subpoenas; a court order; or if we are otherwise required to disclose such information by law. We also will release personal information where disclosure is necessary to protect our legal rights, enforce other agreements, or to protect ourselves or others. For example, we may share information to reduce the risk of fraud or if someone uses or attempts to use the website for illegal reasons or to commit fraud. We also process your personal information in order to help detect, prevent, and mitigate fraud and abuse of our Services and to protect you against account compromise or funds loss. If you do not provide personal information required by law, we will have to close your account.
(d) External Use: We disclose information to our service providers to help enable them to perform services on your behalf. For example, in order to purchase and custody cryptos & or virtual digital assets, we must share some information with third parties, such as your name, email address, physical address, social security number, date of birth, government-issued identification and the amount of cryptos & or virtual digital assets being purchased. Similarly, when we obtain bank account information for ACH transaction and credit card or debit card information, a third-party receives that information to process the payment in connection with the sale of cryptos & or virtual digital assets. Even when you ask us to remember your bank account information, or credit card or debit card information, we do not store sensitive payment data such as the entire credit card number and CVV. Rather, we pass the payment data to the third-party processor and receive back from them a token that does not contain the sensitive data. We do retain non-sensitive payment data used to identify a payment such as the last four digits of a card number and expiration date.
We may share non-personal information (such as the number of daily visitors to the website or the size of an order placed on as certain date) with third parties. This information does not directly personally identify you or any user. For the avoidance of doubt, any IP addresses or a device or other identifier we collect may be shared with one or more third parties.
(e) In our legitimate business interests: Sometimes the processing of your personal information is necessary for our legitimate business interests, such as:
We allow your personal information to be accessed only by those who require access to perform their work and share it only with third parties who have a legitimate purpose for accessing it. TransFi will never sell or rent your personal information to third parties without your explicit consent. We will only share your personal information with the selected third parties including:
Examples of account connections include:
Merchants: If you use your TransFi account to conduct a transaction with a third-party merchant, the merchant may provide data about you and your transaction to us.
Your financial services providers: For example, if you send us funds from your bank account, your bank will provide us with identifying information in addition to information about your account in order to complete the transaction.
TransFi will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Our website may contain links to other websites for your convenience or information. These websites may be operated by companies unaffiliated with TransFi, and we are not responsible for the content or privacy practices of those websites. Linked websites may have their own terms of use and privacy policies, and we encourage you to review those policies whenever you visit the websites.
TransFi implements and maintains reasonable measures to protect your information. Customer files are protected with safeguards according to the sensitivity of the relevant information. Reasonable controls (such as restricted access) are placed on our computer systems.
TransFi is an international business with operations in multiple countries. This means we may transfer to locations outside of your country. When we transfer your personal information to another country, we will ensure that any transfer of your personal information is compliant with applicable data protection law.
We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the US and elsewhere in the world where our facilities or service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.
As a condition of employment, TransFi’s employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive personal information is limited to those employees who need to it to perform their roles. Unauthorized use or disclosure of confidential customer information by a TransFi employee is prohibited and may result in disciplinary measures.
Finally, we rely on third-party service providers for the physical security of some of our computer hardware. We require those third-party service providers to comply with commercially reasonable security practices and measures. For example, when you visit our website, you access servers that are kept in a secure environment. While we use industry-standard precautions to safeguard your personal information, we cannot and do not guarantee complete security. 100% complete security does not exist anywhere online or offline. As such, you assume the risk of security breaches and all consequences resulting from them. To that end, please safeguard your credentials.
If we anonymize your personal information so that it can no longer be associated with you, it will no longer be considered personal information, and we can use it without further notice to you.
We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, TransFi will require the user to close his or her account and will not allow the user to continue using our Services. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
We retain the personal information we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected and to perform our contractual and legal obligations. Not with standing the generality of the foregoing, we store email addresses and phone numbers until the user requests to be unsubscribed or removes themselves through any self-service tools offered to the user.
We may use some instances of your data in order customise our services and the information we provide to you, and to address your needs - such as your country of address and transaction history. For example, if you frequently send funds from one particular currency to another, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected - and we only use pseudonymised data wherever possible. This activity has no legal effect on you.
Depending on applicable law of where you reside, you may be able to assert certain rights related to your personal information. These rights include:
Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites. Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction.
Subject to applicable laws, you may have the right to access information we held about you. Your right of access can be exercised in accordance with the relevant data protection legislation.
We may update this Privacy Policy from time to time and without prior notice to you to reflect changes in our information practices, and any such amendments shall apply to information already collected and to be collected. Your continued use of the website after any changes to this Privacy Policy indicates your agreement with the terms of the revised Privacy Policy. Please review this Privacy Policy periodically and especially before you provide personal data to us. If we make material changes to this Privacy Policy, we will notify you here, by email or by means of a notice on the home page the website. The date of the last update of the Privacy Policy is indicated at the top of this document.
TRANS-FI INC is the Parent company of Trans-Fi UAB and is headquartered at:
100 Ashley Drive,
Suite 600,
Tampa, FL 33602,
USA
If you have questions or concerns regarding this Privacy Policy, please contact us at compliance@transfi.com
Last Updated: May 2022
The objective of TransFi’s (Trans-Fi Inc.) privacy policy is to commit to protecting the privacy of visitors to our website and our customers. Please read this carefully as this policy is legally binding when you use our Services. For the purpose of the relevant data protection regulations, TransFi is the “data controller” of your information.
This Privacy Policy describes how we collect, use, handle and, under certain conditions, disclose your personal data, when you access our services, which include our content on the website located at www.transfi.com or any other websites, pages, features, or content we own or operate (collectively, the “Website (s)”), or any TransFi API or third party applications relying on such an API, and related services (referred to collectively hereinafter as “Services”).
This Privacy Policy also explains the steps we have taken to secure your personal information. Finally, this Privacy Policy explains your options regarding the collection, use and disclosure of your personal information. By visiting the site, you accept the practices described in this privacy policy for the site.
If you have any questions about this policy, please send them to compliance@transfi.com
Personal information means any data which relates to a living individual who can be identified from that data, or from that data and other information which is in the possession of, or is likely to come into the possession of, TransFi (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of TransFi or any other person in respect of an individual. The definition of personal information depends on the relevant law applicable for your physical location. TransFi may collect and use the following data about you.
This includes information you provide to us in order to establish an account and access our Services. This information is either required by law (e.g. to verify your identity), necessary to provide the requested services (e.g. you will need to provide your bank account number if you would like to link that account to TransFi), or is relevant for our legitimate interests described in greater detail below.
The nature of the Services you are requesting will determine the kind of personal information we might ask for, but may include:
This includes information we collect automatically, such as whenever you interact with the Sites or use the Services. With regard to your use of our Services we may automatically collect the following information:
We may receive information about you if you use any of the other websites we operate or the other services we provide This includes information we may obtain about you from third party sources. The main types of third parties we receive your personal information from are:
We may use your information in the following ways and for the following purposes:
(a) Internal Use: We use your personal information to provide you with our services. We may internally use your personal information to improve the Site’s content and layout, to improve our outreach and for our own marketing efforts (including marketing our services to you), and to determine general information about visitors’ usage behavior to the Site. We require certain information such as your identification, contact and payment information. Third parties that we use such as identity verification services may also access and/or collect your personal information when providing identity verification and/or fraud prevention services. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. The consequences of not processing your personal information for such purposes is the termination of your account.
(b) Communications with You: According to your preferences and in compliance with applicable law, we may send you marketing communications to inform you about events, to deliver targeted marketing and to share promotional offers. If you are a new customer, we will contact you by electronic means for marketing purposes only if you have consented to such communication. If you do not want us to send you marketing communications, please go to your account settings to opt-out or submit a request via compliance@transfi.com
We may send you service updates regarding administrative or account-related information, security issues, or other transaction-related information. These communications are important to share developments relating to your account that may affect how you can use our Services. You cannot opt-out of receiving critical service communications.
We also process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.
(c) To maintain legal and regulatory compliance: TransFi needs to process your personal information in order to comply with Anti-Money Laundering and security laws. In addition, when you seek to link a bank account to your TransFi account, we may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. We may be required to disclose certain information in response to requests from law-enforcement officials conducting investigations; subpoenas; a court order; or if we are otherwise required to disclose such information by law. We also will release personal information where disclosure is necessary to protect our legal rights, enforce other agreements, or to protect ourselves or others. For example, we may share information to reduce the risk of fraud or if someone uses or attempts to use the website for illegal reasons or to commit fraud. We also process your personal information in order to help detect, prevent, and mitigate fraud and abuse of our Services and to protect you against account compromise or funds loss. If you do not provide personal information required by law, we will have to close your account.
(d) External Use: We disclose information to our service providers to help enable them to perform services on your behalf. For example, in order to purchase and custody cryptos & or virtual digital assets, we must share some information with third parties, such as your name, email address, physical address, social security number, date of birth, government-issued identification and the amount of cryptos & or virtual digital assets being purchased. Similarly, when we obtain bank account information for ACH transaction and credit card or debit card information, a third-party receives that information to process the payment in connection with the sale of cryptos & or virtual digital assets. Even when you ask us to remember your bank account information, or credit card or debit card information, we do not store sensitive payment data such as the entire credit card number and CVV. Rather, we pass the payment data to the third-party processor and receive back from them a token that does not contain the sensitive data. We do retain non-sensitive payment data used to identify a payment such as the last four digits of a card number and expiration date.
We may share non-personal information (such as the number of daily visitors to the website or the size of an order placed on as certain date) with third parties. This information does not directly personally identify you or any user. For the avoidance of doubt, any IP addresses or a device or other identifier we collect may be shared with one or more third parties.
(e) In our legitimate business interests: Sometimes the processing of your personal information is necessary for our legitimate business interests, such as:
We allow your personal information to be accessed only by those who require access to perform their work and share it only with third parties who have a legitimate purpose for accessing it. TransFi will never sell or rent your personal information to third parties without your explicit consent. We will only share your personal information with the selected third parties including:
Examples of account connections include:
Merchants: If you use your TransFi account to conduct a transaction with a third-party merchant, the merchant may provide data about you and your transaction to us.
Your financial services providers: For example, if you send us funds from your bank account, your bank will provide us with identifying information in addition to information about your account in order to complete the transaction.
Our website may contain links to other websites for your convenience or information. These websites may be operated by companies unaffiliated with TransFi, and we are not responsible for the content or privacy practices of those websites. Linked websites may have their own terms of use and privacy policies, and we encourage you to review those policies whenever you visit the websites.
TransFi implements and maintains reasonable measures to protect your information. Customer files are protected with safeguards according to the sensitivity of the relevant information. Reasonable controls (such as restricted access) are placed on our computer systems.
TransFi is an international business with operations in multiple countries. This means we may transfer to locations outside of your country. When we transfer your personal information to another country, we will ensure that any transfer of your personal information is compliant with applicable data protection law.
We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the US and elsewhere in the world where our facilities or service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.
As a condition of employment, TransFi’s employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive personal information is limited to those employees who need to it to perform their roles. Unauthorized use or disclosure of confidential customer information by a TransFi employee is prohibited and may result in disciplinary measures.
Finally, we rely on third-party service providers for the physical security of some of our computer hardware. We require those third-party service providers to comply with commercially reasonable security practices and measures. For example, when you visit our website, you access servers that are kept in a secure environment. While we use industry-standard precautions to safeguard your personal information, we cannot and do not guarantee complete security. 100% complete security does not exist anywhere online or offline. As such, you assume the risk of security breaches and all consequences resulting from them. To that end, please safeguard your credentials.
If we anonymize your personal information so that it can no longer be associated with you, it will no longer be considered personal information, and we can use it without further notice to you.
We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, TransFi will require the user to close his or her account and will not allow the user to continue using our Services. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
We retain the personal information we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected and to perform our contractual and legal obligations. Not with standing the generality of the foregoing, we store email addresses and phone numbers until the user requests to be unsubscribed or removes themselves through any self-service tools offered to the user.
We may use some instances of your data in order customise our services and the information we provide to you, and to address your needs - such as your country of address and transaction history. For example, if you frequently send funds from one particular currency to another, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected - and we only use pseudonymised data wherever possible. This activity has no legal effect on you.
Depending on applicable law of where you reside, you may be able to assert certain rights related to your personal information. These rights include:
Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites. Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction.
Subject to applicable laws, you may have the right to access information we held about you. Your right of access can be exercised in accordance with the relevant data protection legislation.
We may update this Privacy Policy from time to time and without prior notice to you to reflect changes in our information practices, and any such amendments shall apply to information already collected and to be collected. Your continued use of the website after any changes to this Privacy Policy indicates your agreement with the terms of the revised Privacy Policy. Please review this Privacy Policy periodically and especially before you provide personal data to us. If we make material changes to this Privacy Policy, we will notify you here, by email or by means of a notice on the home page the website. The date of the last update of the Privacy Policy is indicated at the top of this document.
TransFi is headquartered at:
100 Ashley Drive,
Suite 600,
Tampa, FL 33602,
USA
If you have questions or concerns regarding this Privacy Policy, please contact us at compliance@transfi.com
Last updated: November 2024
The guidelines contained in this reference shall provide guidance to the staff of Trans-Fi UAB and its subsidiaries & affiliated entities (together referred to as “TransFi” and “the Company”) AND its customers, regarding practices and standards that TransFi expects to have in place, in order to detect and prevent money laundering and terrorist financing; identify and report suspicious activity; comply with anti-terrorism & sanctions laws and regulations; and other relevant international laws.
KYC laws have been a standard AML obligation around the world for decades and were introduced in the United States with the USA Patriot Act1 and in Europe with the European Union Anti-Money Laundering Directives (AMLD) to help detect and prevent Terrorism Financing activities
These Guidelines have been adopted to ensure that the Company also complies with the rules and regulations set out in:
These Policy lines are the subject of a review by the Company's Money Laundering Reporting Officer at least annually. The proposal for a review and the review of these Policy lines may be scheduled more often by the decision of the Company's Money Laundering Reporting Officer (MLRO) and obligations of applicable laws.
TransFi has created this AML KYC policy to:
This Policy, coupled with internal controls, independent compliance testing and appropriate training, are the key segments of TransFi’s Anti-Money Laundering (AML) and Know-your-customer & Business (KYC/KYB) approach.
TransFi’s AML/KYC & KYB policy covers the following elements:
(i) Beneficial Owner in the case of a legal entity, is a natural person whose direct or indirect holdings, or the sum of all direct and indirect holdings in the legal entity, exceeds 25 percent, including holdings in the form of shares or other forms of bearer holdings.
(ii) Business Relationship means a relationship that is established upon conclusion of a long-term contract by the Company in economic or professional activities for the purpose of provisioning of a service or distribution thereof in another manner or that is not based on a long-term contract, but whereby a certain duration could be reasonably expected at the time of establishment of the contract and during which the Company repeatedly makes separate transactions in the course of economic or professional activities while providing a service.
(iii) CDD means Customer due diligence which is collecting and evaluating the new customers' information and determining their risk for illegal financial transactions
(iv) Company means TransFi.
(v) Customer means a legal entity which has business relationship with the Company or legal entity with which the Company enters into an occasional transaction.
(vi) Employee means the Company's employee, including persons who are involved in application of this Policy in the Company.
(vii) MLRO means Money Laundering Reporting Officer, who is appointed to the Company as a compliance officer in the meaning of § 17 of MLTFPA.
(viii) Money Laundering (ML) means the concealment of the origins of illicit funds through their introduction into the legal economic system and transactions that appear to be legitimate. There are three recognized stages in the money laundering process:
(ix) Occasional Transaction means the transaction performed by the Company in the course of economic or professional activities for the purpose of provision of a service or sale of goods or distribution thereof in another manner to the customer and / or user outside the course of an established business relationship.
(x) PEP (Politically exposed person) means a natural person who performs or has performed prominent public functions and with regard to whom related risks remain.
At least the following persons are deemed to be PEPs:
Middle ranking or more junior officials are not considered PEPs.
(xi) Sanctions mean an essential tool of foreign policy aimed at supporting the maintenance or restoration of peace, international security, democracy and the rule of law, following human rights and international law or achieving other objectives of the United Nations Charter or the common foreign and security Policy of the European Union. Sanctions include:
International sanctions may ban the entry of a subject of an international sanction in the state, restrict international trade and international transactions, and impose other prohibitions or obligations. The subject of Sanctions is any natural or/and legal person, entity, or body, designated in the legal act imposing or implementing Sanctions, with regard to which the Sanctions apply
(xii) Terrorist Financing (TF) means the financing and supporting of an act of terrorism and commissioning thereof, as well as the financing and supporting of travel for the purpose of terrorism, in the meaning of applicable legislation.
(xiii) User means a natural person who has business relation with the Company or the Company’s customers, or with whom the Company or the Company’s customers enter into occasional transactions.
(xiv) Virtual currency means a value represented in the digital form, which is digitally transferable, preservable or tradable and which natural persons or legal persons accept as a payment instrument, but that is not the legal tender of any country or funds for the purposes of Article 4(25) of Directive (EU) 2015/2366 of the European Parliament and of the Council on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, pp 35-127) or a payment transaction for the purposes of points (k) and (I) of Article 3 of the same Directive.
TransFi is an international services provider in a host of countries within which it provides its services. Regulatory requirements across the world require customer due diligence as a critical tool to prevent illegal activity. TransFi has set up data collection, verification, analytics, investigation and reporting processes within the standards of Anti-Money Laundering regulations through its “Know Your Customer (KYC/KYB)” framework. Key elements of this framework are:
Standard due diligence (SDD) is applied where the customer's risk profile indicates lower risk and where, in accordance with the risk assessment of the Company, it has been identified that in such circumstances the risk of money laundering or terrorist financing is lower than usual.
The Company will verify the identity of its customers and users under its “Know Your customer” processes. For individual users, this will include name and date of birth that is verifiable electronically through an accepted and valid Government issued document accurately containing the users name and date of birth. Acceptable forms of identification for an individual user varies by country of operation and includes one or more of the following:
Required documents for a corporate (KYB) includes the following:
OR
Recent company excerpt showing shareholders identifying the UBO(issued within last 6 months);
The Company will take steps to confirm the authenticity of documents and information provided by users and customers, including verification with regulatory / government sources, and running analytics. Identification information taken above will be collected, stored, shared and protected strictly in accordance with the company’s Privacy Policy related regulations.
The Company will flag users & customers presenting a higher risk (e.g., politically exposed persons or high-risk customers) and request additional documents & verification.
A high-risk customer is identified based on business activities and includes, but not limited to, the following
For a high-risk customer, the company will request any additional documents to ascertain AML risks under Enhanced due diligence as necessary, including but not limited to Proof of source of funds, relevant licenses and AML / KYC policies. If an EDD requires an investigation, the Company will take any such measures as deemed fit.
A politically exposed person (PEP) is one defined in Clause 2(x) of this policy. The Company will take measures to ascertain whether the user or the beneficial owner of the customer is a PEP, their family member2 or close associate3, or if the customer has become such a person. Enhanced due diligence as necessary, including but not limited to Proof of source of funds and
The Company will request the PEP for any additional documents to ascertain AML risks under Enhanced due diligence as necessary, including but not limited to Proof of source of funds and Proof of address. The Company will verify the data received from the PEP by making inquiries in relevant databases or public databases or making inquiries or verifying data on the websites of the relevant supervisory authorities or institutions of the country in which the PEP has place of residence or seat.
Where a PEP no longer performs important public functions placed upon them, the Company shall at least within 12 months take into account the risks that remain related to the PEP and apply relevant and risk sensitivity-based measures as long as it is certain that the risks characteristic of PEPs no longer exist.
The Company KYC’s all its customers. In addition to the KYC and KYB , the customer is subjected to various screenings like, adverse media, PEP and sanctions on an ongoing basis.
The Company will verify the identity of users and customers on an ongoing basis, especially if there has been any change in the identification information or their activities are deemed suspicious. Such activities could include, though not limited to, changes in customer information, address, ownership, and activities wherein KYC details will be updated on an ongoing basis. The Company reserves the right to ask such users for updated KYC documents, even if they have been successfully verified in the past. The Company shall conduct periodic review of its client's basis their risk categorization review of its client's basis their risk categorization. The risk levels are: High risk - 1 year and Medium & Low risk - 3 years.
Source of funds refers to the origin of the funds. It refers to the activity that generated the funds, for example salary payments or sale proceeds, as well as the means through which the customer's or beneficial owner's funds were transferred. Acceptable sources of funds include
The Company will prohibit business relationships and occasional transactions with users and customers that fail KYC at any point in time as per the requirements of this Policy
The Company will prohibit business relationships and occasional transactions with users and customers that fail KYC at any point in time as per the requirements of this Policy
Risk assessment is a process whereby a methodology is maintained to identify and measure the inherent financial crime risk to which the Company is exposed, assess the coverage of controls to mitigate these risks and determine the residual levels. This is done in order to estimate the threat to compliant practices, as the Company provides services to its customers, are calculated; and as may be necessary, eliminated, reduced or controlled. The main purpose of risk assessment is to identify transactions that may threaten to take advantage of compliance vulnerabilities and evaluate the risks presented, to effectively conduct the elimination of such threats.
The Company will follow a risk-based approach to combating money laundering and terrorist financing. This approach applies both to user transactions and company’s customers. By adopting a risk-based approach, the Company will ensure that measures taken are commensurate to the identified risks, thereby enabling efficient allocation of resources. This principle also ensures that the greatest risks receive the highest attention.
The Company’s risk-based approach is based on, but not limited to the following:
The risk-based approach will cover all markets where the Company has a business presence.
Management is ultimately responsible for ensuring that TransFi maintains an effective AML/KYC internal control structure, including suspicious activity monitoring and reporting. TransFi management follows a culture of compliance to ensure staff adherence to the AML/KYC policies, procedures, and processes. Internal controls are the TransFi’s policies, procedures, and processes designed to limit and control risks and to achieve compliance with relevant rules and regulations. The level of sophistication of the internal controls commensurates with the size, structure, risks and complexity of the TransFi’s operations and lines of business.
Regulations across jurisdictions require the company to monitor and analyse transactions of both individual users and customers. The Company will use a comprehensive approach of transaction monitoring including, but not limited to:
The objective of screening is to identify:
The screening of the transactions is performed automatically and includes the following measures:
When monitoring transactions the Company will assess transaction with a view to detect activities and transactions that:
In addition, the Compliance Department shall take any appropriate actions to ensure compliance with laws & regulations including
The Company shall not establish business relationships or do occasional transactions with customers who pose serious money laundering risks and fall outside the Company's risk appetite. The Company will not under any circumstances accept the following types of customers.
Upon the entry into force, amendment or termination of any sanctions, the Company shall verify whether the customer or User who is planning to have the business relationship or occasional transaction with the Company is a subject of these sanctions. If the Company identifies a such a person or legal entity who is a subject of Sanctions or that the transaction intended or carried out by them is in breach of Sanctions, the Company shall apply Sanctions and immediately inform the relevant regulatory authority thereof.
The Company will use at least one of the following sources (databases) to verify the user / customer's relation to Sanctions:
The watchlists sources include:
The Company shall perform the abovementioned verification on an ongoing basis in the course of an established business relationship. The frequency of the ongoing verifications depends on the risk profile of the user / customer
If the Company has doubts that a person or legal entity is a subject to Sanctions, it shall immediately notify the MLRO. In this case the MLRO shall decide on whether to ask or acquire additional data from the person or notify the regulatory authority immediately of their suspicion.
Below is the list of prohibited jurisdictions for TransFi:
Note: In light of the recent Financial Promotion Regime by the FCA UK in Oct 2023, we have included UK in the Prohibited country list until we comply with the FPR .
The Company has established a Compliance Department that is headed by a designated Compliance Officer and MLRO, who shall ensure implementation and enforcement of the AML / KYC policy. With support and oversight of transactional and administrative practices, the Compliance Department shall supervise all aspects of the Company’s Anti Money Laundering and counter-Terrorist Financing policies and ensures compliance with laws and regulations.
The scope of Compliance Department’s efforts includes, but not limited to the following:
The Company has appointed an MLRO who is not operationally involved, but who will monitor and verify the functioning of the Company independently. The MLRO is accountable for the following activities:
The Company through its MLRO will report to the regulatory authority on the activity or the circumstances that they identify in the course of economic activities and whereby:
The Company shall engage an independent third-party firm with expertise in antimoney laundering (AML) compliance to conduct a comprehensive review and assessment of the effectiveness of the AML program. The independent review shall include, but not be limited to, an evaluation of the AML policies, procedures, and controls in place to detect and prevent money laundering and terrorist financing activities. The findings and recommendations of the independent review shall be documented in a written report provided to the Board of Directors, detailing any identified deficiencies and proposing remedial actions to address them.
Employee training is an essential part of an AML Compliance program. It is crucial to train the employees to improve their skills and comply with regulations and protect the company from criminal attempts.
The Company shall provide effective AML & internal controls training to its employees that will help to identify & prevent money laundering activities, minimize the risk of fines & penalties, and enhance the reputation of the Company. The training will be arranged on a periodic basis for the employees of the Company and members of the Board and documented. In case, an employee comes across a non-compliant situation, he or she is required to bring it to the attention of the Compliance Officer and MLRO (Money laundering reporting officer). They then take the required actions.
If required , the MLRO, who is independent of TransFi to report, prepares and submits a report to the FCIS (Financial Crime Investigation Service), Lithuania,
Record keeping is an integral part of regulatory responsibility. To assist in record keeping the Company shall maintain an employee training log including details of their assessment results, when they were examined, when they were trained, and any reassessment necessary.
AML RECORDS
Where applicable, the following records will be retained by the Company for anti-money laundering purposes:
RECORD ACCESSIBILITY
The Company shall maintain systems that ensure records are kept in accordance with regulatory requirements. The Company shall keep records electronically in the operating systems or on specific storage facilities for onsite or offsite storage, or paper based. In any case Company shall ensure that:
RECORD RETENTION
The overall principles in this respect are the following:
Government regulators and law enforcement agencies may seek information and records from time to time. Any person associated or connected with our company who receives or is served with a summons, subpoena or court order related to the Company’s business should immediately contact the Company Compliance Department for further assistance.
The Company shall assist entities in their investigations, provided the request(s) is / are conducted in a lawful manner. If a customer or user is subject to an examination by an equivalent regulatory body, the Company shall always comply with the examination process.
For any law enforcement requests, please direct your official document to our Compliance team at compliance@transfi.com
The Company is required by policy to operate in a legal and responsible manner. The Company will remain compliant, in all aspects, with all laws, rules, regulations across jurisdictions, as well as extend its full cooperation to law enforcement and regulatory authorities, maintain records, as per regulatory requirements and in accordance with the Company’s policies and procedures.
The Company will not tolerate its reputation to be put in jeopardy.
The Company will make sure that its customers do their part to ensure full compliance with all aspects and the spirit of this policy and support the Company as it strives to maintain its progressive stance in the industry.
The USA Patriot Act requires all financial institutions to develop and implement their own AML program and emphasizes several mandatory checks and screening capabilities. Accordingly, a firm’s USA Patriot Act Anti-Money Laundering program must be built around the following criteria:
The Financial Action Task Force (FATF) defines UBO as “the natural person(s) who owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.” UBO is defined as the following.