Cryptomate AML Policy


Cryptomate AML Policy

Last updated: January 25th, 2021

1. Money Laundering Definition

Money laundering is defined as the process of moving illegally obtained capital through financial systems so that it appears to come from a legitimate source. Money laundering offences are a criminal activity and include the transfer, disguise and exchange of illegally obtained property (POCA 2002). Engaging in the arrangement or knowledge of suspicious acquisitions, use and control of criminal property by or on behalf of persons using or possessing criminal assets (POCA 2002).

Additional offences incorporate: The failure to disclose knowledge or suspicion of money laundering to necessary parties such as a Money Laundering Reporting Officer (MLRO). The failure of a MLRO to report suspicious activities to the National Crime Agency and the “tipping off” of any such party suspected of engaging in Money Laundering Offences in such a way as to reduce the likelihood of them being investigated or prejudicing an investigation.

The United Kingdom passed Proceeds of Crime Act 2002 legislation to prevent and combat money laundering. This legislation together with regulations, rules and industry guidance form the foundation of Anti-Money Laundering and Counter Terrorism Financing obligations outlined for UK firms.

2. Cryptomate

Cryptomate’s business activities including the facilitation of the trading and broking of Cryptocurrencies, is currently not a regulated industry under the Financial Services and Markets Act 2000. In addition, Bitcoin and Cryptocurrency is not currently defined or classified within the current UK AML/CTF legislation, though this is subject to change and review under UK laws as new Money Laundering Directives are implemented alongside further regulation.

Cryptomate has chosen to comply with all mentioned legislative agendas and procedures to fully comply with UK AML legislation for a regulated industry. This approach reflects Cryptomate’s predisposition that its services should not facilitate or engage in any kind of Money Laundering activities and not to be used by criminals to launder proceeds of crime.

This policy outlines by what method Cryptomate employees should raise concerns, by reporting suspicious activity to the MLRO. Employees actively investigate discrepancies and suspected money laundering activities, raising concerns throughout the organisation and reporting to the relevant authority.

3. Controls and Procedures

Cryptomate is committed to establishing and maintaining policies, controls and procedures that mitigate the risks of money laundering. These policies are reviewed frequently and cover the following measures:

  • Know Your Customer Verifications and when required enhanced customer due diligence.

  • Internal controls in relation to its senior management and staff members.

  • Driver’s licence and UK & International Passport check.

  • Domestic and global Politically Exposed Persons (PEPs) and Sanctions List

  • The maintenance and storage of records for 5 years after the customers last trade.

  • Monitoring compliance to its policies, controls and procedures.

  • Risk Management practices.

4. Money Laundering Reporting Officer

Cryptomate has appointed an MLRO to be responsible for Anti-money laundering efforts and reviewing all disclosures about potential money laundering activity. The MLRO will ensure that suitable training and awareness is provided to new and existing staff and that this is reviewed and updated as required. The MLRO will review suspicious activity and if required submit a Suspicious Activity Report (SAR) to the National Crime Agency (NCA).

5. Training

All relevant staff dealing in business operations will receive AML training. Training is completed through an online course covering; the laws relating to money laundering and terrorist financing, our policy and procedures & guidance detecting money laundering and terrorist financing activities. The completion of training is compulsorily, all new employees will receive training as part of their induction process. Further training will be provided when required by changes to the company policy or UK laws and directives.

5. Risk Assessment and Risk Management Practices

Regulation 18 (1) of the UK 2017 Regulations Act requires firms to take measures when identifying and assessing the risks of Money Laundering and Terrorist Financing. Cryptomate considers the risks associated with the following demographics: Countries or Geographical areas, Products or Services required, Nature of Transactions and Delivery Channels and Willingness to comply when prompted for additional information.

A Risk Profile is created regarding the above demographics and the risk required, risk capacity and risk tolerance of the user to enable a comprehensive evaluation on a risk-based approach to determine the appropriate level of mitigation.

Risk assessment and risk management practices or conducted by us for the purpose of:

  • Identify improvements in AML policies, procedure and controls.

  • Develop risk mitigation strategies

  • Improve internal and external controls of risk exposure and mitigation

6. Record Keeping

Regulation 40 of the UK 2017 Regulations Act requires firms to hold copies of all documentation obtained from a customer. This documentation will be retained for as long as needed to provide our services and 5 years after the last trade or closure of account of the customer, to be reviewed, updated & securely deleted when necessary. After this period, all personal data retained for this purpose will be deleted unless in the following circumstances:

  • Under any enactment

  • For the purposes of any court proceedings

  • Reasonable grounds for believing the retention of personal data is needed for the purpose of legal proceedings.

Personal data is only to be used by Cryptomate for verifying customers and for the prevention of money laundering, fraud or terrorist financing.

7. Communication of Policies to Staff and Compliance Monitoring

This policy is available for review by all staff. Each staff member must read it and become familiar with its contents. Updates to the policy will be communicated to staff as they become available. Staff compliance with this policy will be monitored on a regular basis to ensure that Cryptomate remains compliant with UK AML and CFT laws and regulations.

8. Politically Exposed Persons

Politically Exposed Persons or PEPs are defined in Regulation 35 of the 2017 Regulations. PEPs are defined as individuals entrusted with prominent public functions, such as heads of state, members of government, members of government bodies and ambassadors as well as their family members and close associates. PEPs are classified to carry higher risks of Money Laundering so enhanced due diligence is required at both the on boarding process and an ongoing basis.

Where Cryptomate identifies a prospective customer as a PEP or of political exposure, the individual cannot be on boarded without the consent from the AMLRO & managing director. In addition, the prospective customer will be required, at the on boarding stage to provide information, with supporting evidence of their source of wealth:

  • Their current salary and other income; and

  • Their liquid assets including cash and investment portfolio

9. Sanctions Compliance

The US Office of Foreign Assets Control (OFAC) of the US Treasury Department publishes lists of individuals and companies owned or controlled by, acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotic traffickers designated under programs that are not country specific.

The European External Action Service (EEAS) publishes a consolidated list of EU financial sanctions and list of persons, groups and entities subject to EU financial sanctions.

Cryptomate will not engage in any business activity with any individual, group or entity found to be on either the US or EU sanctions lists.

10. Customer Due Diligence (CDD)

A). Know Your Customer (KYC) Requirements

Customer due diligence is required under Regulation 27(1) of the 2017 Regulations when Cryptomate is establishing a business relationship with a customer.

Cryptomate will not engage in business activity with those who have not complied with the policy set out hereafter or staff suspect of potential Money Laundering.


–Photographed documentation showing full name which corresponds to the name in which the customer account is being opened. Acceptable documentation includes:

  • Passport

  • Driver’s licence (if contains photograph of individual)

  • National ID Card (if contains photograph of individual)

All Identity documents should comply with the following standards:

  • The document is valid and shows the issue and expiry dates.

  • The photograph is clear, and all features are visible.

  • The page showing signature is included.

  • The place of issue and passport number details are included and are clearly legible.

  • Nationality details are included.

All documentation must be from a recognised or verifiable provider. In addition, Cryptomate reserves the right to request additional professional references for KYC purposes at its absolute discretion.

– Proof of address which clearly shows the name of the customer opening the account (documents showing joint names are acceptable). Acceptable documentation included:

  • A valid, full driver’s licence from country origin of application. (if not used as Photographed ID)

  • Household utility bill such as gas, water or electricity. (A Mobile phone bill or contract is NOT acceptable).

  • Television licence or subscription.

  • Home or motor insurance policy document or certificate.

  • Bank or building society statement from a reputable financial institution.

  • HM Revenue & Customs tax document or Council/Local authority tax (or equivalent) bill.

All documentation must be from a recognised or verifiable provider. In addition, Cryptomate reserves the right to request additional professional references for KYC purposes at its absolute discretion.

11. Reporting Requirements: Cryptoasset Business

Regulation 74A now requires any cryptoasset exchange providers to provide to the FCA such information as the FCA may direct.

  • Compliance measures and controls under requirements imposed.

  • Reasonably required by the FCA in connection with the exercise by the FCA of any of its supervisory functions.

Skilled Person Report

Regulation 74B applies when the FCA considers that a report from a skilled person relating to the exercise of the FCA’s functions under these regulations, is required in relation with the exercise by the FCA of any of its functions. If requested by the FCA, Cryptomate will comply with providing a report specified in the notice.

Companies and Corporate Entities

In addition to passing the “Individuals” KYC requirements, when receiving a payment from a business or corporate account Cryptomate requires additional documentation including but not limited to each of the following:

– Certificate of incorporation and memorandum and articles of association

– Latest statutory report and accounts

– Current shareholder and director registers

– Resolution of the Board of Directors to open an account and identification of those who have authority to operate the account.

– Full CDD documentation on each director (see “individuals”)

– Full CDD documentation on each ultimate beneficial owner of more than 20% of the company’s share capital.

– Completion of corporate application form.

For partnerships:

– Registration certificate or any business registration document (such as a tax registration document, including VAT certificate)

– Copy partnership deed

– Full CDD on all individual partners (see “individuals”)

B) Retention of Customer Due Diligence Documentation

In accordance with 2017 Regulation (40), Cryptomate will retain copies of all provided documentation regarding the on-boarding and verification of a customer. Cryptomate will retain such copies for a period of 5 years from the last trade or contact and exchange with the customer. Such documentation and personal data will only be used for internal compliance purposes.

Cryptomate will request new KYC documentation to be provided by the customer in the following circumstances:

  • Every 3 years following the initial verification of the customer.

  • A New KYC policy is implemented, Cryptomate may ask the customer to reverify through new policy procedures.

  • Documentation previously supplied has since expired.

C) Ongoing Customer Due Diligence

Regulation 27(8) of the 2017 Regulation states that where appropriate Cryptomate must conduct ongoing Customer Due Diligence on existing customers.

Any client activity outside the normal or expected activity should be considered as unusual and should be investigated. Understanding the client profile is crucial to assessing potential indicators of suspicious activities. An investigation into suspicious activity should establish the true motivation behind the activity in question. This may result in the confirmation of suspicious activity or remove all reasonable doubt. If suspicious activity is confirmed it must be reported to the MLRO and failure to do so is an offence that could result in imprisonment.

Cryptomate operates a risk-based approach and uses all available qualitative or quantitative data available when reviewing customer activity and will be required where:

  • The known circumstances of an existing customer which are relevant to an assessment of the risk of Money Laundering or Terrorist Financing have changed.

  • A customer requesting transactions that are not consistent with Cryptomate’s knowledge or experience of that customer.

  • The purpose or intended nature of Cryptomate’s relationship with the client has changed for any reason.

  • A client engages in unusual patterns of trading inconsistent with historic trading patterns.

  • Anything which raises suspicions in relation to a customer should be reported to the MLRO immediately.

Potential issues to be aware of include but are not limited to:

  • Where the identity of the holding bank account from which funds are sent from to Cryptomate does not match the name of the customer which Cryptomate has on file. Where such funds are received, no trade will take place and Cryptomate will immediately request information from the customer regarding the transfer and information referred to the MLRO & managing director.

  • Where money is suspected to be involved in Money Laundering or Terrorist Financing, money should not be immediately returned to the customer as it may alert the customer that Anti-Money Laundering is suspected thus exposing Cryptomate and its staff to criminal liability under the “tipping off” offence under POCA.

  • Where an account has significantly increased activity amid relatively dormant periods. Cryptomate will request an explanation and evidence relating to the activity in question be provided. Approval from the MLRO must be received before any trade is authorised.

  • Where customers refuse or are unwilling or deceptive in providing explanations of their financial activity or their explanation is assessed to be untrue, Cryptomate will cease to provide services of any kind. The MLRO will report any activity deemed suspicious to the relevant authority.

  • Where the currency, country or nationality is commonly associated with international crime or identified as having serious deficiencies in their AML regimes. Cryptomate may choose to terminate the account and cease trading, reporting its findings to relevant authorities.

  • Where Cryptomate is being asked to accept Cash to trade with. Cryptomate operates under a strict no cash policy.

D) Compliance Video Calls

We reserve the absolute right to request the completion of a video call with ourselves before proceeding with any further orders upon review of customer activity. All video calls are recorded for compliance and training purposes in which customers are notified prior to completion.

Video calls will only be used internally for compliance and training purposes, unless legally obligated in one of the following circumstances:

- Request of information by the supervisory authority in relation to AML/CFT.

- Request from banking provider in relations to disputes and AML/CFT.

- Request of information from Card Payment Service Provider.

E) Source of Funds Requests

Trades exceeding the AML threshold will require additional documentation as to the source of funds before transactions can be made.

  • Any trade from a PEP customer.

  • Any trade from a Non-PEP customer with a fiat value in excess of £20,000.

  • When trades accumulate over £25,000 annually.

Customers are required to provide confirmation of source of funds and should provide the following:

  • An explanation of where the funds for the trade in question have originated from (savings, salary, inheritance, sale of assets)

  • Documentary evidence to back up the customer’s specific claim such as; Copy of bank statements, investment account records, solicitor or accountants letter confirming source of funds.

The managing director should be consulted in each source of funds request, following receipt of relevant documentation, his/her consent must be obtained before any trade may take place.

F) Requirement to Report Discrepancies in Registers

Regulations 30(A) of The Fifth Anti-Money Laundering Directive (5MLD) requires obligated entities to report discrepancies between information held on beneficial owners and information on Companies House regarding People with Significant Control (PSC). When engaging activity with any Limited Company or LLP, Cryptomate will check the details of PSC’s to ensure they have been filed with the registrar. Any discrepancies identified will be reported to Companies House’s through the reporting portal.

A Discrepancies Report will be filed by Cryptomate regarding the following circumstances:

  • Name, Nature, Date of Birth and Activity Status of individual.

  • Nature of control, Governing Law, Legal Form or Activity Status of company.

  • Existing listing on the register is incorrect.

  • PSC Missing.

  • Exemption statement is incorrect.


Why is Cryptomate the best UK digital currency gateway?

We aim to deliver your coins within one hour of your order being placed and payment being received. Thanks to UK Faster Payments, you are now able to purchase in no time using just your online banking account.

We do not store any payment information on our servers. You make your payments through your online banking service, not through a 3rd party processor.

Our service couldn't be easier to use. The only thing required from you to use Cryptomate is access to online banking and an approved Cryptomate account. Joining the cryptocurrency revolution has never been simpler! More info here.

We use cookies to better provide our services. By using our services you agree to our use of cookies.