EBANX Compliance and Legal Hub

For Merchant

Other Documents
EBANX Values
EBANX Privacy Policy
Code of Conduct
Socio-environmental Responsibility Policy
Information Security Policy
Information Security for Third Parties
Responsible Security Vulnerability Disclosure Policy
Gifts, Presents and Hospitality for Third Parties
Sustainability Report 2022
Restricted and Prohibited Products and Services
EBANX Supply and Partnership Standard
Policy Anti-Bribery and Corruption
Anti-Money Laundering And Counter Financing Of Terrorism Policy
Business Continuity Management
Standard for Vendors and Partners
Corporate Governance Policy

Anti-Money Laundering And Counter Financing Of Terrorism Policy

January 4, 2024

1. Introduction and Objectives

This Policy is an extension of EBANX Code of Conduct. Its purpose is to outline the EBANX Policy on Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT).

EBANX has a zero tolerance for money laundering and is committed to mitigating the risks of money laundering. EBANX will take the necessary preventative actions and will promptly investigate any suspicion of money laundering. EBANX Senior Management is committed to the effectiveness and continuous improvement of the AML/CTF Program.

The EBANX Global Anti Money Laundering and Counter Financing of Terrorism Policy is reviewed at least annualy, in order to achieve the best practices for EBANX. The review is carried out through:

  • Regularly reviewing media reports that are relevant to the sectors or jurisdictions EBANX operates;

  • Regularly reviewing law enforcement alerts and reports;

  • Being aware of changes to terror alerts and sanctions regimes as soon as they occur;

  • Reviewing thematic reviews and similar publications issued by competent authorities;

  • Reviewing national, UK, EU, USA guidelines and intergovernmental organizations that develop policies to combat AML/CFT in order to set rules, policies and procedures to combat money laundering and terrorist financing. Where no guidance exists, Compliance will seek guidance from legal counsel (internal/external) and follow any formal opinions provided.


2. Scope and Users

This Policy applies to every ebanker, all products and all EBANX’s companies in all EBANX locations, including:

  • Partners and shareholders;

  • Officers and Board of Directors;

  • Employees;

  • Temporary employees;

  • Interns;

  • Apprentices

People and companies with business relations with EBANX must also respect this Policy.


3. Terms and Definitions

  • Money Laundering


Money laundering is the term used to define the act by which an individual seeks to conceal, occult or hide the origin of resources from illicit activities (predicate crimes/offenses)in order to give the appearance of lawfulness through the placement of these resources in the financial system, as well as their subsequent circulation and reintegration. Any resource obtained through illegal activities can be the object of money laundering. For example, the following activities commonly associated with money laundering are:

  • Acquiring, using or possessing criminal property;

  • Concealing, disguising, transferring or handling the proceeds of crimes such as theft, fraud, bribery, insider trading, arms sales, illegal drug dealing, smuggling, embezzlement and tax evasion;

  • Being knowingly involved in any way with criminal property;

  • Investing the proceeds of crimes in other financial products or through the acquisition of other property or assets;

  • Transferring criminal property;

  • Financing of terrorist activities.

Money laundering is usually broken down into three distinct stages:

  • Placement: this is the first stage in the money laundering operation and involves the physical disposal of the initial proceeds derived from illegal activity;

  • Layering: this second stage consists in dispel even more the illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the traceability and provide anonymity;

  • Integration: the final stage involves providing an apparent legitimacy to the criminally derived wealth. If the layering process has succeeded, integration schemes place the laundered proceeds back into the economy in such a way that they remain in the financial system appearing as normal business funds with licit source.

Grounded upon various laws, regulations and regulatory guidance from Financial Action Task Force (FATF) as well as other applicable International best practices, EBANX must ensure that the legal duties resulting from the AML international regulations are fulfilled by all ebankers and third-parties. Regarding the latter, EBANX seeks to ensure that our business model is understood and respected by any Merchant or customer, preventing the use of our services to offences involving tax evasion and any other crimes. Wherever local regulations are stricter than the requirements set out in this Policy, the stricter standard has to be applied.

If the minimum requirements set out in this Policy cannot be applied in a certain country because application would be against local law or cannot be enforced due to other than legal reasons, EBANX has to assure that it will not enter into a business relationship, continue a business relationship or carry out any transactions with it. If business relations already exist in that country, EBANX has to assure that the business relationship is terminated regardless of other contractual or legal obligations.


  • Terrorist Financing

Terrorist Financing is defined as any and all dealings with resources or property which are, or are likely to be, used for the purposes of terrorism, regardless of the regularity of its origin.

For the purpose of this policy, money laundering also includes any activities relating to terrorist financing.


4. Directives

4.1. Organizational Structure, Roles and Responsibilities

The Anti-Money Laundering and Counter Financing of Terrorism program is formulated and directed by the Legal, Risk & Compliance area. The Legal, Risk & Compliance Vice President reports to EBANX Chief Executive Officer (CEO).

Any local Money Laundering Reporting Officers (MLRO) reports to the Legal, Risk & Compliance Vice President. The MLRO’s main responsibility is to ensure that, when appropriate, the information or other matter leading to knowledge or suspicion, or reasonable grounds for knowledge or suspicion of money laundering is properly disclosed and reported to the relevant authority.

The Compliance processes are centralized in the EBANX Legal, Risk & Compliance structure, based in Brazil, which is responsible for setting out general guidelines and implementing AML related processes. EBANX subsidiary entities (subsidiaries and affiliates) must respect those guidelines, including creating specific normative documents to adapt to the business model of each subsidiary, if necessary. In this way, EBANX guarantees respect for global management and the independence of the Compliance segments.

In order to be compliant with AML/CFT laws and e the best global practices, EBANX Legal, Risk & Compliance structure has a Regulatory Compliance pillar, which is responsible for analyzing the legislations and identifying eventuals gaps or improvements.

To assure that the required AML/CFT controls are effectively deployed, EBANX Internal Audit performs annual assessments of the AML/CFT Program, providing reports to the Legal, Risk & Compliance area concerning the effectiveness of the AML/CFT processes. EBANX Internal Controls team is responsible for analyzing those reports and elaborating action plans to create effective controls to mitigate AML/CFT risks.

All ebankers must be aware of this Policy and seek to prevent and detect actions, operations or transactions that present atypical characteristics in order to combat Money Laundering and Counter Finaning of Terrorism.

In order to be compliant with this Policy, ebankers are instructed to:

  • Report any and all situations considered atypical or suspicious;

  • Act with diligence and probity in supporting the AML/CFT process regarding requests for products, services and operations to ensure the application of the parameters and controls established in this Policy;

  • Disseminate the culture of preventing and combating Money Laundering and Terrorism Financing crimes;

  • Participate in training and update seminars on Preventing Money Laundering and Combating Terrorism Financing.


4.2 Risks

EBANX is required to adopt a risk-based approach to assess the most cost effective and proportionate way to prevent, manage and mitigate money laundering risks. The steps that EBANX will take to achieve this are to:

  • Identify the money laundering risks that are relevant;

  • Assess the risks presented by EBANX’s clients, products, services, transactions, delivery channels, partners, service providers, employees and geographical areas of operation;

  • Continuously monitor.


Risk assessment is used for EBANX activities such as:

  • Designing and implementing controls to prevent, manage and mitigate these assessed risks;

  • Monitor and improve the effective operation of these controls.


EBANX risk assessment utilizes the following sources when determining the risk of a jurisdiction:

  • FATF (Financial Action Task Force)

  • BASEL (Basel Committee)

  • Transparency International

  • USDS (United States Digital Service)

  • HMT Sanctioned Countries/Regimes* (Her Majesty Treasury)

  • The Money Laundering and Terrorist Financing Regulations (Amendment of High-Risk Countries)

  • OFAC Sanctioned Countries/Regimes* (Office of Foreign Assets Control)

  • Internal Country Risk Matrix

*Sanctioned regimes/areas where complex financial and commercial sanctions are in place are blocked to any type of business with EBANX.

EBANX will assess the risk for each client taking into account the purpose of its relationship, the level of assets involved, the volume of transactions to be undertaken, the regularity and/or duration of the business relationship, among other criteria.

The risk assessment will also consider customer, product, service, transaction, delivery channel and geographical risk factors in which they are located. These lists are not exhaustive:


Low Geographical risk factors:

  • Countries having effective Anti-Money Laundering systems;

  • Countries identified by credible sources as having a low level of corruption or other criminal activity;

  • Countries which, on the basis of credible sources, have requirements to combat money laundering and terrorist financing and effectively implement those requirements.


High Geographical risk factors:

  • Countries not having effective Anti-Money Laundering systems;

  • Countries identified by credible sources as having significant levels of corruption or other criminal activity;

  • Countries subject to sanctions, embargos or similar measures issued by, for example, the United Nations;

  • Countries providing funding or support for terrorist activities, or that have designated terrorist organizations operating within their country.


Low Risk Customer risk factors:

  • Public companies listed on a stock exchange and subject to disclosure requirements (either by stock exchange rules or through law or enforceable means), which impose requirements to ensure adequate transparency of their beneficial ownership;

  • Customers that are resident in geographical areas of lower risk.


High Risk Customer risk factors:

  • The business relationship is conducted in unusual circumstances;

  • Customers that are resident in geographical areas of higher risk;

  • Individuals that are politically exposed persons (PEPs) and companies that have those individuals are shareholders or legal representatives;

  • The ownership structure of the company appears unusual or excessively complex given the nature of the company's business.

  • Non-governmental organizations;

  • Cash-intensive businesses


Low Product, service, transaction or delivery channel risk factors:

  • Financial products or services that provide appropriately defined and limited services to certain types of customers, so as to increase access for financial inclusion purposes;

  • Products where the risks of money laundering and terrorist financing are mitigated by other factors such as transparency of ownership.


High Product, service, transaction or delivery channel risk factors:

  • Products or transactions that might favor anonymity;

  • Non-face-to-face business relationships or transactions, without certain safeguards, such as electronic signatures;

  • Payment received from unknown or un-associated third parties;

  • New products and new business practices, including new delivery mechanism, and the use of new or developing technologies for both new and pre-existing products.

The risk evaluation of EBANX partners and service providers will consider the business modality, involvement as a public interest, purpose of relationship, value of remuneration and its regularity and the geographical area.


Low partners and service providers risk factors:

  • Private and public companies listed on stock exchanges and bound to disclosure rules (due to market rules or legal obligations) that impose requirements to ensure transparency of the ultimate beneficial owners;

  • Partners or service providers of low risk geographical areas;

  • Single purchase and short-term contracts.


High partners and service providers risk factors:

  • Business relationship conducted in unusual circumstances;

  • Partners or service providers of high risk geographical areas;

  • Public companies or those related to the public sector;

  • Services or products provided by individuals;

  • Individuals who are Politically Exposed Persons and companies that have those individuals as shareholders and / or legal representatives;

  • Companies whose corporate structure appears to be unusual or excessively complex, given the nature of the company's business;

  • Long-term contracts

EBANX will assess the risk of its employees, taking into account the involvement with the public sector, the relationship with customers, partners and members of senior management, their position, the area of operation and nationality.


High employees risk factors:

  • Employees who are Politically Exposed Persons;

  • Employees residing in high-risk geographic areas;

  • Positions of the company's top management.

  • Function performed in direct contact with the administration;

  • Function performed that allows direct or indirect access to financial resources of the company, customers and / or partners.

Clients, partners, service providers and employees will be classified into a risk category – high, medium or low risk. Clients that are identified with any high-risk factors will have to undergo Enhanced Due Diligence (EDD).


4.3. Due Diligence

A client is any individual or entity (customer or Merchant) to whom EBANX provides, intends to provide, or has in the past provided a service and/or a product. A client for these purposes also includes a potential client. Anonymous clients or transactions from or to anonymous individuals or companies will not be accepted.

A partner is any individual or entity (supplier, provider, financial institution, agent, referral, freelancer) that supplies products and/or provides services to EBANX. An employee is any individual who has an employment relationship with EBANX.

Before onboarding any new Merchant, customer, partner or employee, EBANX must carry out a process of Due Diligence. For the purposes of this Policy, Merchants, end users and partners will be considered third parties. Some third parties will pose a higher risk than others. In order to ascertain the level of risk posed by a third party, all will complete the Simplified Due Diligence process and be assessed for risk via Risk Assessment.

The Risk Matrix (Risk Scoring) is built based on criteria related to the third party’s business, geographical and financial risk factors, among others. Those criteria will be evaluated as “low”, “medium” and “high” risk and a different score will be granted to each risk level. The set of criteria will help to assert the risk third party poses to EBANX.

Due diligences are carried out depending on the risk based approach of each business unit. Where a third party is assessed as being medium risk, then they must undergo Standard Due Diligence. Where a customer is assessed as posing higher risk, then they must undergo Enhanced Customer Due Diligence.


4.3.1 Simplified Due Diligence

Simplified Due Diligence involves compiling a report that establishes the following:

  • Identifying the third party and verifying their identity;

  • Establishing the nature of the business relationship;

  • Screening to identify whether the third party is a politically exposed person (PEP) and/or is subject to sanctions;

  • Ensuring that anyone acting on behalf of the third party is authorized to do so and will identify and verify the identity of that person.

Once this has been done, a Risk Assessment will be undertaken to ascertain the level of due diligence required.


4.3.2. Standard Due Diligence

In addition to the checks made for Simplified Due Diligence, medium risk third parties will need to undergo Standard Due Diligence, which involves:

  • Full ID and Verification checks to be conducted on any beneficial owner holding 25% or more of the company (where beneficial owner is a corporate, checks need only be made on the company itself and not the directors)

  • Adverse news checks on all parties.

All employees and candidates selected for vacant jobs at any hierarchical level will go through the Standard Due Diligence process, and may be subjected to a enhanced Diligence if the risk factor raises the risk rating.


4.3.3. Enhanced Due Diligence

In addition to the checks made for Simplified and Standard Due Diligence, high risk third parties will need to undergo the following checks:

  • Full identification and verification checks on all beneficial owners, including checks on any director for companies;

  • Full identification and verification check on companies constituted in the name of the employee;

  • Identification of the ultimate beneficial owner where relevant, verifying his or her identity and taking measures to understand the ownership and control structure of the client, where applicable.


Enhanced Due Diligence measures also include:

  • Increasing the frequency of reviews, to be satisfied that EBANX continues to be able to manage the risk associated with the individual business relationship or the ebanker position and to help identify any transactions that require further review;

  • Increasing the frequency of reviews of the business relationship, to ascertain whether the third party’s risk profile has changed and whether the risk remains manageable;

  • Obtaining approval from the Coordination and/or Management of the area to commence or continue the business relationship to ensure senior management are aware of the risk EBANX is exposed to and can take na informed decision about the extent to which they are equipped to manage that risk;

  • In cases in which exposure to Risk is high and/or in cases in which the area understands, after analysis, that the case is serious, a decision on the entry of a client/partner/supplier/employee may be escalated to the Risk Committee, through a Risk Acceptance process.

  • Conducting more frequent or in-depth transaction monitoring to identify any unusual or unexpected transactions that may give rise to suspicion of money laundering or terrorist financing. This may include establishing the destination of funds or ascertaining the reason for certain transactions.

Due Diligence must also be carried out whenever EBANX suspects money laundering or has cause to be suspicious about or believes that any documents or other information that has been supplied is out of date or inaccurate. Any business relationship with a Merchant, end user, partner, service provider or employee will be subject to ongoing monitoring which may result in employees being asked to conduct Due Diligence or seek additional information from a Merchant or an end user at any time. Business relationships, transactions and other behaviors must be consistent with EBANX’s knowledge of the Merchant, end user, partner or employee, their business, risk profile and source of funds.

Where the risk exceeds the appetite of the business, the third-party or employee will not be hired by EBANX. Where the request area believes an opportunity is important enough and that alternative controls are believed to reduce the risks perceived, formal exceptions can be applied for.


4.3.4. EBANX will not do business with

  • Any party suspected of committing money laundering or terrorist financing;

  • Shell banks;

  • Parties to which the required level of due diligence has NOT been conducted;

  • Any customers listed as not acceptable on the EBANX Policies;

  • Any companies based on countries with sanctions;

  • Legal entities established by individuals with the specific objective of managing assets for

    investments (personal asset-holding vehicles);

  • Companies that have registered shareholders or bearer shares.

  • Some business models are not accepted by EBANX. Such restrictions are publicly available in our list of restricted and prohibited products and services and can be accessed at the following electronic address: https://business.ebanx.com/pt-br/compliance/produtos-e-servicos-restritos-e- prohibited. Other businesses, products or services may be added to this list at any

    time.


4.3.5. Sanctions

EBANX must block Merchants, customers and/or entities originating from countries that are against sanction programs to ensure that it does not deal with any sanctioned entities in line with combating the financing of the proliferation of weapons of mass destruction.

Certain jurisdictions represent an exceptional risk in relation to money laundering and financial crime.

Those jurisdictions are identified by FATF as having poor controls or require action to be taken and regimes that are sanctioned by the USA, the United Kingdom and/or other countries. Geographic risk will be monitored and updated daily.

The screening and monitoring of Merchants, end users and partners for sanctions is performed using a global database with access to hundreds of different sources of sanction lists sought from various worldwide sources of information.


4.3.6. Compliance Review

Every Merchant registered in our database undergoes periodic reviews of their Identification and Qualification information, as well as Integration data - such as website and/or application, among others.

This periodic review is carried out taking into account the Risk Level (Risk Score) indicated at the time of Onboarding the same in EBANX, being:

  • 1 year for High Risk

  • 3 years for Medium Risk

  • 5 years for Low Risk


Regardless of the review carried out within the aforementioned periods, any change regarding a Merchant’s legal entity must trigger a Compliance review. It is the Merchant’s responsibility to notify EBANX as soon as there are any changes with regards to the legal entity such as:

  • Ownership and control (directors and UBO’s);

  • Key controller/signatory (director);

  • Sub key signatories (full name, email address and phone number);

  • Any adverse data when it becomes evident or known to the client all other relevant data.

Additionally, any alteration requested by the Merchant related to its integration with EBANX - alteration or inclusion of the URL and/or Application, among others - also results in its review by the Compliance Department.


4.4. Record Keeping

EBANX must keep record of all details obtained for the purpose of identification of the Merchant, the end user or the partner, as well as of all documents, in accordance with regulatory requirements.

EBANX will keep detailed record of:


4.4.1. Individual Customer Information

  • All steps taken to establish the identity of applicants for business or reasons as to why steps have been taken in a particular case;

  • Full name and date of birth of each person with whom the Firm does business;

  • Mother's name;

  • Identification document;

  • Proof of address;

  • Proof of payments;

  • Marriage certificate;

  • Proof of citizenship;

  • Bank account details;

  • E-mail;

  • Phone number;

  • The form and source of funds and/or securities used by the applicant for business;

  • The form and destination of funds paid or delivered to the applicant for business or another person on his behalf.


4.4.2. Legal Entity Customer Information

  • All steps taken to establish the identity of applicants for business or reasons as to why steps have been taken in a particular case;

  • Legal name of the company;

  • Company incorporation number;

  • Information about the corporate structure;

  • Proof of address;

  • Proof of payments;

  • Social contract or other incorporation document of the company, which contains the

    shareholders' information;

  • Business licenses;

  • Bank account details;

  • E-mail;

  • Financial Statements;

  • The form and destination of funds paid or delivered to the applicant for business or another person on his behalf.


4.4.3. Registration update

In order to keep the information updated, EBANX may conduct a document review considering the following frequency:

  • High Risk - Annual

  • Medium Risk - 3 years

  • Low Risk - 5 years


4.4.4. Transaction Information

  • Financial transactions carried out by EBANX with or for each EBANX’s client or counterparty;

  • Suspicious activities report (SAR) and information not acted upon: Internal and External SAR reports along with rationale for reporting, or not reporting to the authorities. Copies of the SARS should be kept on file for a period of 10 (ten) years from the point a report was made.


4.4.5. Training

  • Materials and completed tests;

  • Results of the test;

  • Dates of the training;

  • Nature of the training;

  • Who was trained;

  • Personal identification of the training participates;


4.4.6. Decision Making

All reports to the board and resulting actions / inactions accompanied by a documented rationale.

Records may be stored in any of the following formats:


  1. original documents;

  2. photocopies of original documents;

  3. scanned form;

  4. computerized or electronic form.


Upon the expiry of the 10 (ten) year period EBANX must delete any personal data unless the firm is required to retain records containing personal data by, or under, any enactment, or for the purposes of any court proceedings; or the data subject has given express consent to the retention of that data.

Data protection: the countries in which EBANX operates have several requirements and obligations that are respected when we perform personal data processing activities. We comply with the legislations to protect the privacy of personal data, such as the General Data Protection Regulation 2017 (GDPR) and the General Data Protection Law 2018 (LGPD), that regulates the use of personal data, essentially any information about identifiable living individuals. EBANX has a Data Protection Committee, which is responsible for operational and strategic coordination, as well as all data protection issues and controls of the company's data privacy program. Please refer to the Information Security Policy for further information.


4.5. Monitoring

EBANX must carry out regular monitoring of clients and transactions in line with its Risk Assessment. Monitoring should also be carried out to ensure that policies and procedures are being correctly implemented.

Client’s behaviors or issues with client’s business that should act as a warning that further investigation by EBANX is necessary will be considered Red Flags. Examples of red flags are:

  • Client is reluctant to provide information or is evasive;

  • Client’s lifestyle appears in excess of known sources of income;

  • Client’s business structure is unnecessarily complicated;

  • Involvement of third parties without valid reason;

  • Complex structuring of transactions without valid reason;

  • Client’s disinterest in prices, commissions, costs etc.;

  • Transactions out of line with expected transaction for the client;

  • Unexplained transfers of funds;

  • Volume of transactions incompatible with the business model;

  • Concentration of sales in a given region;

  • High volume of refund and/or chargeback requests.

If red flags are identified in the Client Due Diligence or monitoring processes, employees must notify the local Compliance Officer and/or MLRO immediately.

EBANX will use transactional monitoring to identify any unusual or unexpected behavior that may give rise to suspicion of money laundering or terrorist financing.

Based on the EBANX’s knowledge of the client, the monitoring will look for:

  • Unusual behavior: sudden and/or significant changes in transaction activity by value, volume or nature, such as change in beneficiary or destination;

  • Linked relationships: identifying common beneficiaries and remitters amongst apparently unconnected accounts or clients;

  • High risk geographies and entities: significant increases of activity or consistently high levels of activity with higher risk geographies and/or entities;

  • Other money laundering behaviors: indications of possible money laundering, such as the structuring of transactions under reporting thresholds, transactions in round amounts, overly complex transactions;

  • Dormant relationships: EBANX will carry out retrospective reviews on the client to ensure the business being transacted is consistent with what was anticipated when the client was taken.

EBANX will conduct transaction monitoring and will monitor value, volume and velocity across their customer population. More stringent and intensive alerts will be deployed on those that represent a higher risk, and less so on those that are deemed to be a lower risk. Alerts will be triggered to ensure we monitor transactions and report suspicious transactions.

All new products proposed by EBANX are required to undergo a review by Compliance. The review is to identify process that may need to be looked at, in order to mitigate those risks.


4.6. Termination

Where EBANX would like to terminate a relationship after identifying suspect activity, it can do so. Where there is no suspicion, or concerning activity, the local Compliance Officer or MLRO may still recommend Merchants, partners or third-party vendors that should be terminated based upon the risk they present.


4.7. Staff Awareness and Training

EBANX will ensure that all employees are given periodical training to guarantee that each understands their obligations under the Anti-Money Laundering and Counter Financing of Terrorism Policy and the requirements for identification of third parties. There will also be specific training provided to various departments, based upon their specific duties and exposure to risk of Money Laundering and Financing of Terrorism they present.

All ebankers should be aware that a failure in carrying out their responsibilities could result in disciplinary measures and/or criminal sanctions being imposed against them.


4.7.1. EBANX Global Compliance Program for Third-Parties

Considering EBANX's significant volume of relationships with merchants, partners and individuals and the risks posed by those relationships, the EBANX Compliance Program is expanded to third parties.

Through this action we share EBANX guidelines, public normative documents, EBANX Helpline and some of our Compliance training and awareness initiatives with third parties.


4.8. Internal and External Audit

The Money Laundering Prevention and Combating the Financing of Terrorism program of EBANX will be audited annually. Internal audit will provide senior management on a report regarding the status of the controls and any areas that need to be remediated. If requested, this may be forwarded to the regulated entity itself and any outsourced service providers. The Legal, Risk & Compliance area will be provided with all audit reports, in order to have assurance that the required controls, responsible for, are effectively deployed.


4.9. Disciplinary Procedures

Any ebanker that breaches the guidelines of this policy may be subject to disciplinary measures. The violations will be duly investigated, according to the Ethics Committee procedures, guaranteeing anonymity to the individuals involved. All ebankers have the obligation to cooperate with ongoing investigations.


4.10. Report of Suspicious

All client transactions will be subject to ongoing monitoring and review. When the Compliance Officer or the local MLRO decides that a particular client or transaction should be subject to additional investigation, employees are expected to comply with such investigation including any requests for additional information.

Any director or employee who has any suspicion of money laundering must immediately report the matter to the Compliance Officer or the local MLRO in writing together with the full details. All suspicious signals of money laundering are reportable, even if it comes to the employees’ attention after the trade has been undertaken or the register is closed, or the trade has been conducted by another person. Having made such a report, the director or employee concerned will have met his or her legal obligations under the Regulations.

An offence of “Tipping off” is committed when anyone discloses to a person who is the subject of a suspicious report, or a third party, that a disclosure has been made to the Compliance Officer or the local MLRO or the authorities or that an investigation is being carried out, as this could prejudice the investigation. Making enquiries of a client, to verify identity or to ascertain the source of funds for a particular transaction will not trigger a tipping off offence before a suspicious activity report has been submitted in respect of that client. If a suspicious activity report has been made, great care should be taken to ensure the client or the mentioned individual does not become aware of that fact.

If suspicious signals of money laundering are identified, the transaction should be frozen and should not proceed without the authorization of the Compliance Officer or local MLRO. The Compliance Officer or the local MLRO will receive any reports or concerns relating to any suspected or actual money laundering and will record, investigate and report this to the relevant authorities, where necessary. The reporting of the suspicion of money laundering to the authorities is not a breach of duty or confidentiality to a client and provides important potential safeguards for the position of EBANX. If reports are not forwarded to the relevant authorities, full details of the rationale for this decision will be kept on record. All notifications made will be handled with strict confidentiality.

However, please note that there may be circumstances in which EBANX is required to reveal na individual’s identity, for example where we are compelled to do so by law and therefore anonymity cannot be guaranteed.

Any ebanker who is discovered to have failed to report a transaction, which they knew to be suspicious or to have involved money laundering, will be subject to disciplinary action and potentially liable to prosecution unless the employee has good reason for not reporting the transaction to the Compliance Officer or local MLRO. Employees are therefore advised to report any suspicions, no matter how slight to the Compliance Officer or the local MLRO.

An ebanker may first discuss their suspicions with their line manager who may then accept responsibility for making a report to the Compliance Officer or the MLRO local. Examples of transactions that may give rise to a suspicion of money laundering are set out below but will not necessarily by themselves give rise to sufficient suspicion to warrant a report being made:

  • large or unusual settlements of deals in cash;

  • buying and selling transactions with no discernible purpose or in unusual circumstances;

  • instructions to credit sales proceeds to an account different from that of the original source account or to a third party;

  • any transaction in which the counterpart is unknown or of a nature size or frequency which appears unusual;

  • where the investor is introduced by an overseas person and both are based in countries where drug production or drug trafficking may be prevalent.

Ebankers are not expected either to know or to establish the exact nature of any underlying criminal offence, or that the particular funds or property were definitely those arising from a crime or terrorist financing.


5. Normative References

ID 70 Code of Conduct


6. Publishing and Distributing Policies

Any new policies or modifications to existing documents should be made available for all EBANX interested parties.

Policies are available for ebankers, on OneTrust, in the “Policy” section.

Public documents may be found in EBANX websites.