AML AND KYC POLICY

AML & KYC Policy PayAlma

PayAlma is operated under Palmex Group Inc.

The Purpose of AML Policy

The purpose of the AML rules is to help detect and report suspicious activity including the predicate offenses to money laundering and terrorist financing, such as securities fraud and market manipulation.

The Purpose of KYC Policy

Ensures that businesses have accurate information about their customers, including their identity, financial history, and risk level.

Customer Verification

When a new merchant signs up, PayAlma verifies their identity. This includes collecting information such as legal business name, address, tax ID, and ownership details.

We use Know Your Customer (KYC) procedures to validate the merchant's identity. This helps prevent fraudulent accounts and ensures compliance with AML regulations.

Individual Verification

PayAlma verifies the identity of individuals associated with the business. This typically includes the company directors or authorized signatories.

Information collected includes national insurance or social security numbers, dates of birth, and other relevant details.

Each PayAlma merchant must provide information for its AML compliance.

Transaction Monitoring

PayAlma continuously monitors transactions for suspicious patterns or anomalies. Unusual patterns, large transactions, or frequent transfers to high-risk countries trigger alerts.

Automated systems analyze transaction data, flagging any deviations from normal behavior. For example, sudden spikes in transaction volume or unusual geographic patterns may warrant investigation.

Sanctions Screening

The gateway checks transactions against sanctions lists (such as OFAC, UN, or EU lists) to identify individuals, entities, or countries involved in illegal activities.

If a match is found, the transaction is flagged for further review. Sanctions screening helps prevent money laundering and terrorist financing.

Suspicious Activity Reporting

If the gateway detects suspicious activity, it reports it to the relevant authorities. Timely reporting is crucial to prevent money laundering.

Based on the risk, and to the extent reasonable and practicable, we will ensure that we have a reasonable belief that we know the true identity of our customers by using risk-based procedures to verify and document the accuracy of the information we get about our customers.

Behavior Analysis

The gateway analyzes historical behavior. Sudden changes in transaction patterns, inconsistent activity, or unusual hours of operation may indicate illicit use.

Behavioral analysis complements rule-based monitoring.

Customer Due Diligence (CDD)

Verifying the identity of customers and assessing their risk profiles.

By using our services, you acknowledge and agree that PayAlma, as a third-party payment gateway, will receive user funds and on their behalf, redistribute the funds to the intended merchant platform. PayAlma acts as an intermediary to ensure the secure and compliant transfer of these funds from the user to the merchant.

Customer Acceptance (KYC/CDD) Policy

1. Purpose

The purpose of this policy is to establish a customer acceptance framework, ensuring compliance with applicable laws and regulations, including anti-money laundering (AML) and countering the financing of terrorism (CFT) requirements. This policy sets out the procedures for identifying, verifying and continuously monitoring customers.

2. Scope

This policy applies to all employees, contractors and third party service providers involved in the customer acceptance process of Palmex Group Inc.

3. Definitions

Customer Acceptance: the process of establishing new customer relationships, including identity verification and risk assessment.

KYC (Know Your Customer): the process of verifying the identity of customers to prevent fraud, money laundering and terrorist financing.

CDD (Customer Due Diligence): assessing the risk associated with a customer based on their profile, transaction behavior and other relevant factors.

4. Regulatory Framework

This policy complies with applicable laws and regulations in Canada, including but not limited to:

• Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Bank Act, Payment Card Networks Act, Consumer Protection Laws (Competition Act (RSC 1970, c 33), Consumer Product Safety Act (SC 2010, c 21), Canada Consumer Product Safety Act (S.C. 2010, c. 21), Personal Information Protection and Electronic Documents Act (PIPEDA) (SC 2000, c 5), Canadian Anti-Spam Legislation (CASL) (SC 2010, c 23), Business Practices and Consumer Protection Act (RSBC 2004, c 2)), Personal Information Protection and Electronic Documents Act (PIPEDA), Electronic Funds Transfer Act, Anti-Spam Legislation (CASL), International Sanctions Regulations, Guidelines from the Office of the Superintendent of Financial Institutions (OSFI),

• Regulatory guidelines FATCA

5. Client Onboarding Process

5.1 Initial Application

• Clients must complete an application form including personal information such as name, address, date of birth, nationality and contact details.

• Clients must state the purpose of the account and expected transaction volumes.

5.2 Identity Verification

Individuals: Acceptable forms of identification include government-issued identification (passport, driver's license), utility bills or bank statements showing the client's name and address.

Businesses: Verification documents include business incorporation certificates, tax identification numbers and proof of ownership (e.g. shareholder register).

5.3 Risk Assessment

Each client will be assessed for risk based on factors such as:

• Geographical location

• Nature of business

• Transaction patterns

• Source of funds

6. Customer Due Diligence (CDD)

6.1 Standard Due Diligence

• For low-risk clients, standard KYC procedures will be applied.

6.2 Enhanced Due Diligence (EDD)

• For high-risk clients or transactions, enhanced measures will be implemented, including:

• Additional identity verification

• Inquiries on source of wealth and source of funds

• Ongoing transaction monitoring

7. Ongoing Monitoring

• Transactions will be continually monitored for unusual or suspicious activity.

• Regular checks on client profiles will be conducted to ensure KYC information remains up-to-date.

8. Record Keeping

• All customer identification documents and transaction records will be retained for a minimum of 3 years in accordance with regulatory requirements.

9. Training and Awareness

• Employees will receive regular training on KYC/CDD procedures and the importance of AML/CFT compliance.

10. Reporting Suspicious Activity

• Employees are required to immediately report any suspicious activity or transactions to the designated compliance officer.

11. Policy Review

• This policy will be reviewed annually or as necessary to ensure compliance with changing regulations and best practices.

This policy serves as the foundational document to ensure that Palmex Group Inc adheres to KYC/CDD requirements when providing services to its customers. It is essential that all employees understand their role in maintaining compliance and protecting the integrity of the payment system.