Amplify Exchange takes every step to be compliant with global Anti-Money Laundering (AML) policies. Our AML policy and the measures we take are outlined below. The purpose of this policy is to protect both you and Amplify from potential fraud.
Meaning of “appropriate measures”
For the purposes of these Regulations, appropriate measures include the following—
- (a) identifying any participant and verifying the participant’s identity on the basis of documents, data or information obtained from a reliable and independent source;
- (b) in the case of a legal entity or legal arrangement, identifying the participant and verifying the identity of the relevant natural person carrying out the transaction or proposed transaction;
- (c) in the case of a person purporting to act on behalf of a participant, verifying that the person is in fact so authorized and identifying and verifying the identity of that person; and
- (d) conducting enhanced due diligence whenever necessary in accordance with regulation 12.
Verification of identity and timing of verification
(1) A company shall, in relation to operation of Amplify Exchange, ensure that it applies appropriate measures relating to identification and verification of the exchange users.
(2) Subject to paragraph (3), a company must verify the identity of a participant before providing trading access to the Amplify Exchange platform.
(3) Such verification may be completed after the issue of a digital asset if—
- (a) the rights and functionalities are such that the digital asset can only be used for services and products provided by the exchange operator;
- (b) this is necessary not to interrupt the normal conduct of business;
- (c) there is little risk of money laundering or terrorist financing occurring, provided that the verification is completed as soon as practicable after the digital asset is issued;
- (d) any money laundering or terrorist financing risks that may arise are effectively managed; and
- (e) it appears that a client, or any person purporting to act on behalf of the client, is not or does not appear to be anonymous or fictitious.
Requirement to cease transactions, etc.
11 (1) Where in relation to any client or proposed client, a company is unable to apply appropriate measures in accordance with the provisions of these Regulations, the company—
- (a) shall not open any account or carry out a transaction for the person;
- (b) shall not issue a digital asset to the person;
- (c) in the case of an exchange client, shall not permit that participant to undertake any further transactions of any nature, until such time as the company has been able to apply the measures; and
- (d) shall terminate any existing business relationship with the person.
(2) In the event that an existing business relationship is terminated in accordance with paragraph (1)(d), details regarding the termination shall be included in any final audit or other compliance report required by the Registrar.
Enhanced due diligence
12 (1) A company must apply on a risk-sensitive basis enhanced due diligence to business relationships with existing clients or proposed clients—
- (a) in accordance with paragraph (2);
- (b) in instances where a person or a transaction is from or in a country that has been identified as having a higher risk by the Financial Action Task Force;
- (c) in instances where a person or a transaction is from or in a country that represents a higher risk of money laundering, corruption, terrorist financing or being subject to international sanctions;
- (d) in any other situation which by its nature may present a higher risk of money laundering or terrorist financing;
- (e) in instances where the company suspects money laundering or terrorist financing; or
- (f) in instances where the company doubts the veracity or adequacy of documents, data or information previously obtained for the purpose of identification or verification.
(2) Where any of the circumstances in paragraph (1) exist, a company must take specific and adequate measures to compensate for the potential risk, for example by applying one or more of the following measures—
- (a) ensuring that the participant’s identity is established by additional documents, data or information;
- (b) employing supplementary measures to verify or certify the documents supplied, or requiring confirmatory certification by an AML/ATF regulated financial institution (or equivalent institution) which is subject to equivalent regulations;
- (c) ensuring that the first payment is carried out through an account opened in the participant’s name with a banking institution;
- (d) monitoring the participant’s activity.
Reliance on third parties
13 (1) A company may rely on a person who falls within paragraph (2) to apply any measures required by these Regulations, provided that—
- (a) the other person consents to being relied on; and
- (b) notwithstanding the company’s reliance on the other person, the company—
- (i) must obtain information sufficient to identify participants;
- (ii) must satisfy itself that reliance is appropriate given the level of risk for the jurisdiction in which the party to be relied upon is usually resident; and
- (iii) will remain liable for any failure to apply such measures.
(2) The persons are—
- (a) an AML/ATF regulated financial institution;
- (b) an independent professional supervised for the purposes of these Regulations by a designated professional body in accordance with section 4 of the Proceeds of Crime (Anti-Money Laundering and Anti-Terrorist Financing Supervision and Enforcement) Act 2008; (c) a person who carries on business in a country or territory other than the British Virgin Islands who is—
- (i) an institution that carries on business corresponding to the business of an AML/ATF regulated financial institution or independent professional;
- (ii) in the case of an independent professional, subject to mandatory professional registration recognized by law;
- (iii) subject to requirements equivalent to those laid down in these Regulations; and
- (iv) supervised for compliance with requirements equivalent to supervision by his supervisory authority.
14 (1) A company must keep the records specified in paragraph (2) for at least the period specified in paragraph (3).
(2) In respect of a business relationship or an occasional transaction, the records are—
- (a) a copy of, or the references to, the evidence of the person’s identity obtained pursuant to these Regulations, together with the results of any analysis or enhanced due diligence undertaken in relation to that person; and
- (b) the records of transactions, provided that such records must be sufficient to permit the reconstruction of individual transactions.
- (3) In this regulation, the period is—
- (a) in the case of records in paragraph 2(a), for the duration of the business relationship and five years beginning on the date on which the business relationship ends or five years beginning on the date the occasional transaction is completed;
- (b) in the case of records in paragraph 2(b), five years beginning on the date the transaction is completed.
- (4) A company who is relied on by another person must keep the records specified
in paragraph (2)(a) for five years beginning on the date on which he is relied on for the purposes of these Regulations in relation to any business relationship or occasional transaction.
(5) But in any case where a company has been notified in writing by a law enforcement officer that particular records are or may be relevant to an investigation which is being carried out, the company must keep the records pending the outcome of the investigation.
(6) For the avoidance of doubt, all documents and findings related to the investigations of—
(a) complex transactions;
- (b) unusually large transactions; or
- (c) unusual patterns of transactions,
must be recorded and kept for a minimum period of five years and shall be made available to competent authorities upon request.
(7) A person referred to in regulation 13(2)(a) or (b) who is relied on must, if requested by the person relying on him within the period referred to in paragraph (4)—
- (a) make available to the person who is relying on him as soon as reasonably practicable after the request but not later than five business days thereafter any information about the client which he obtained when applying appropriate due diligence measures; and
- (b) without delay forward to the person who is relying on him, copies of any identification and verification data and other relevant documents on the identity of the participant which he obtained when applying those measures.
(8) A company who relies on a person referred to in regulation 13(2)(c) (a “third party”) to apply appropriate measures must take steps to ensure that the third party will, if requested by the company, within the period referred to in paragraph (4)—
- (a) as soon as reasonably practicable make available to him any information about the participant; and
- (b) as soon as reasonably practicable forward to him copies of any identification and verification data and other relevant documents on the identity of the client, which the third party obtained when applying those measures.
(9) For the purposes of this regulation, a person relies on another person where he does so in accordance with regulation 13(1).