AML Policy

UniFin ApS

Company Overview and AML/CTF Policies

Table of Contents

Part 1. Scope and definitions.

Introduction

1. Expansion of understanding of licenses and comments on them.

2. Definitions.

2.1. Money Laundering

2.2. Terrorist financing

3. Regulatory overview

4. Brief description of the business model

5. Flow of Funds

Part 2. Risk assessment and management

6. Risk assessment

6.1. Methods and documentation.

6.2. Risk factors

6.2.1. Customer types

6.2.2. Products, services and transactions

6.2.3. Delivery channels

6.2.4. Country and geographical territories

6.3. Updating risk assessment

7. Policies, business procedures and controls

7.1. General information

7.2. Policies

7.2.1. Business procedures

7.2.2. Risk management

7.2.3. Employee screening

7.2.4. Internal control

8. Persons responsible and functions

8.1. AML Officer – the person appointed according to Section 7 (2)

8.2. Responsibilities of the AML Officer

8.3. Delegation

8.4. Compliance Officer

8.5. Responsible member of the executive board

8.6. Internal audit

9. Education

Part 3. KYC procedures

10. When will UniFin ApS conduct KYC procedures?

10.1. Establishing business relationships

10.2. Change in relevant client circumstances

10.3. KYC procedures at an appropriate time

10.4. Individual transactions

10.5. Suspicion of money laundering or terrorist financing

10.6. Previously obtained details on the customer

10.7. Individual activities that are not transactions (advisory services)

11. Content of KYC procedures

11.1. Obtaining identification data

11.2. Verification of identification data

11.3. Remote clients

11.4. Use of NemID or other form of electronic identification

12. Beneficial owners

12.1. Definition of beneficial owner

12.2. Identification of beneficial owners

12.3. Obtaining identification data

12.4. Verification of identification data of beneficial owners

12.5. Clarification of ownership and control structure

13. Continuous updating of client data

14. When a person acts on behalf of the customer

15. Correspondent relationships

15.1. KYC procedures

15.2. Correspondent’s obligations

15.3. Responsibility

16. Record keeping

17. Freedom from liability

18. Duty of confidentiality

Part 4. Crypto activity of UniFin ApS, to which the provisions of this AML/CTF Policy apply.

1. Obligation to act honestly, fairly and professionally in the best interests of clients

2. Management mechanisms

3. Information for competent authorities

4. Storage of crypto assets and client funds

5. Ensuring the storage and administration of crypto assets on behalf of clients

6. Operation of a trading platform for crypto assets

7. Exchange of crypto assets for cash or other crypto assets

8. Execution of orders for crypto assets on behalf of clients

9. Placement of crypto assets

10. Acceptance and transmission of orders for crypto assets on behalf of clients

11. Providing advice on crypto assets and ensuring crypto asset portfolio management

12. Providing crypto asset transfer services on behalf of clients

AML/CTF Policy of UniFin ApS

Part 1. Scope and definitions.

Introduction

UniFin ApS is a legal entity registered in the Central Business Register of Denmark (VIRK # 36052236) on 24.07.2014, operating at the address: Fargeparken 23, 3600 Frederikssund, Denmark.

As of 01/09/2024, UniFin ApS is in the process of fulfilling SWIFT requirements for BIC/SWIFT assignment.

UniFin ApS has LEI registration # 549300GJ5RFHXVEZCC81.

UniFin ApS has the following registered business names:

  • UniFin ApS
  • UniFin CryptoBank ApS
  • UniFin Exchange ApS
  • UniFin Payment ApS
  • UniFin Portal ApS
  • UniFin Commodity ApS
  • UniFin Innovation ApS

UniFin ApS has the right to use any of the registered business names as its primary name for the purpose of proper positioning of its activities for partners and clients.

As of 01/09/2024, UniFin ApS is a professional participant in the financial market and conducts its activities based on licenses obtained from the Danish FSA:

  • DFSA VASP: FTID 17511
  • Custodian wallet providers.
  • Issuers of a virtual currency.
  • Providers engaged in exchange services between one or more types of virtual currency.
  • Providers engaged in exchange services between virtual currencies and fiat currencies.
  • Providers engaged in transfer of virtual currency.
  • DFSA AML: FTID 40333
  • Portfolio management and advice.
  • Financial leasing.
  • Guarantees and collateralization.
  • Trading for own account or for account of customers.
  • Participation in issuing securities and provision of related services.
  • Advice.
  • Money broking.
  • Safekeeping and administration of securities.
  • Lending.

UniFin ApS recognizes the importance of fulfilling certain obligations required by the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and related regulations, such as reporting, record keeping, knowing your customers, and implementing a compliance program, to assist in combating money laundering and terrorist financing activities in Denmark.

UniFin ApS duly fulfills the following reporting requirements:

  • Risk Assessment.
  • Customer Due Diligence (CDD).
  • Transaction Monitoring.
  • Suspicious Transaction Reporting (STR).
  • Record Keeping.
  • Internal Policies, Controls, and Procedures.
  • Staff Training.

1. Expansion of understanding of licenses and comments on them.

Reference to the AML Act: Section 48 (1) and Annex 1.

Reference to the 4th Money Laundering Directive: Article 3 (2) letter a.

Reference to other legislation: The Financial Business Act, Annexes 1 and 2.

Acceptance of deposits and other repayable funds

This includes undertakings that service the public, and that commercially provide deposits and other repayable funds without having to have authorization as a bank or savings company. Deposits and other repayable funds are deposits for which the depositor is entitled to recover its claim in full.

Loan undertakings

Loan undertakings include consumer credit, mortgage loans, factoring, discounting and trade credits (including forfaiting). All types of lending activity are covered. The sub-paragraphs mentioned are examples that do not imply any restrictions on the types of loan covered. Loan undertakings include loans made to businesses and private individuals. Brokering of loans is not covered.

Financial leasing

“Financial leasing” is defined as those types of lease in which the lessee carries the financial risk of the leased equipment’s estimated residual value on termination of the lease.

The leaseholder undertakes to pay a leasing charge during the term of the lease, which is an installment payment against the “underlying loan” in the leasing company.

Leased items often have a residual value at the end of the lease agreement. The lease agreement therefore often states that the lessee is obliged to assign a buyer of the equipment to the estimated residual value on demand.

Operational leasing is another lease form that is not covered by the AML Act. Operational leasing places the risk of the residual value of the leased item on the lessee upon termination of the lease. At the expiry of the lease agreement, the lessee returns the equipment to the leasing company, whereupon the leasing company bears the risk that the leased item can attract the estimated residual value. At the end of an operational lease agreement, the leased item has a significant estimated residual value.

Issuing and administrating other means of payment (e.g. traveler’s cheques and bank drafts), when the activity is not subject to the Payment Services Act

This covers the issuing and administration of other means of payment, when the activity is not subject to the Payment Services Act. This means that, for example, the issuing of travellers’ cheques and bankers’ drafts is covered. The list is an example and is therefore not exhaustive.

Guarantees and collateralization

Loans given against collateral, e.g. invoice financing or lending against a mortgage on real estate, property or securities are covered. Guarantees of any kind are covered. However, it is a prerequisite that the activity is performed commercially, e.g. a surety insurance company.

Transactions at the customer’s expense

The transactions at the customer’s expense that are covered, are:

  • money market instruments (cheques, bills, certificates of deposit, etc.),
  • the currency market,
  • financial futures and options,
  • currency and interest rate instruments,
  • securities.

“Money market instruments” are defined as those instruments that are usually traded on the money market, for example treasury bills, which are short-term debt instruments issued by the state.

Participation in issuing securities and provision of related services

This includes, for example, contributing to a listing on a regulated market.

Advisory services for undertakings regarding capital structure, industrial strategy and related matters, as well as advisory and services relating to mergers and acquisitions of undertakings

This includes listing and investment of shares and equity-linked securities through regulated marketplaces, private placements of unlisted shares, major secondary share placements through regulated marketplaces, and advisory services in connection with mergers and takeovers. This type of business is also called “merchant banking”.

Money broking

“Money broking” is defined as undertakings that broker contact between undertakings that want to borrow money, and undertakings that want to lend money. “The money market” is a collective term for the financial markets for assets involved in short-term loans/lending with a maturity of one year or less.

Portfolio management and advisory services

If An undertaking carries out commercial portfolio management and advisory services on the purchase and sale of securities and is not covered by the types of undertakings specifically mentioned in Section 1 (1) of the AML Act, the company is covered by the Act for that part of its activity that relates to portfolio management and advisory services.

The “portfolio management and advisory services” activity includes portfolio and investment advisory services, when an undertaking provides personal recommendations to a customer, either on request or on the investment firm’s own initiative, for one or more transactions related to financial instruments. It is thus this type of activity that is covered by the rules of the AML Act.

Storage and administration of securities

Management in this context differs from “portfolio management and advisory services”, in that management requires a discretionary mandate to buy and sell securities from the customer without their consent for each transaction.

2. Definitions.

2.1. Money Laundering

Reference to the AML Act: Section 3.

Reference to the 4th Money Laundering Directive: Article 1 (3).

Reference to other legislation: Sections 290 and 290 a of the Criminal Code.

“Money laundering” is defined as:

To unlawfully receive or obtain for oneself or others a share in economic proceeds or funds obtained by means of a criminal offence.

To unlawfully conceal, store, transport, assist in the disposal of or otherwise subsequently to act to secure the economic proceeds or funds obtained by means of a criminal offence.

Attempt at or participation in such actions.

There is no minimum value for when a situation is covered by the definition of money laundering.

The definition also covers acts by the person who committed the criminal offence from which the proceeds or funds originate. This is called “self-laundering”, which is not punished under Danish law according to the general provision on handling stolen goods in Section 290 of the Criminal Code, because punishment for the underlying crime adequately deals with criminal liability for later related acts. Self-laundering, however, is covered by the provision on money laundering in Section 290 a of the Criminal Code, which only concerns money laundering.

Whether the actions which yield financial gain or the funds to be laundered were carried out in Denmark is not a decisive factor for determining whether money laundering is involved. Money laundering is deemed to exist even when the actions which yield financial gain or the funds to be laundered were carried out in the territory of another Member State or a third country.

The AML Act’s definition of money laundering complies with Section 290 on receiving stolen goods and Section 290 a on money laundering in the Criminal Code.

§ 290. Any person who unlawfully accepts or acquires for himself or for others a share in profits, which are obtained by a punishable violation of the law, and any person who unlawfully by concealing, storing, transporting, assisting in disposal or in a similar manner subsequently serves to ensure, for the benefit of another person, the profits of a punishable violation of the law, shall be guilty of receiving stolen goods and liable to a fine or imprisonment for any term not exceeding one year and six months, unless the situation is covered by Section 290 a.

Subsection (2). When the receiving of stolen goods is of a particularly aggravated nature, especially due to the commercial nature of the offence, or due to the extent of the obtained or intended gain, or where a large number of offences have been committed, the penalty may be increased to imprisonment for any term not exceeding six years.

Subsection (3). Punishment pursuant to this provision cannot be imposed on a person who accepts profits as ordinary subsistence from family members or cohabitants, or any person who accepts profits as a normal payment for ordinary consumer goods, articles for everyday use, or services.

Section 290 a. Money laundering is punishable with fines or imprisonment for up to 1 year and 6 months for any person who converts or transfers money directly or indirectly derived from a criminal offence to conceal or obscure the illegal origin.

Subsection (2). When money laundering is of a particularly aggravated nature, especially due to the commercial or professional nature of the offence, or due to the extent of the obtained or intended gain, or where a large number of offences have been committed, the penalty may be increased to imprisonment for any term not exceeding eight years.

Re. 1) A characteristic feature of money laundering transactions and activities is that they aim to conceal the origin of funds through a camouflage process. It is not a requirement that the process be complicated, and in many cases the customer can have participated in a minor part of the process.

Re. 2) A crime includes violations of the Criminal Code, of special legislation and similar matters committed abroad for which there is statutory criminal liability. Tax evasion is a violation of tax, customs or duty legislation, obtaining or potentially obtaining unlawful gain.

In terms of criminal law, money laundering is covered by Sections 290 and 290 a of the Criminal Code, which concerns proceeds from all criminal offences.

Re. 3) Money laundering is also defined as an attempt to perform or participate in acts such as those mentioned in nos. 1 and 2. Attempts and participation are defined in accordance with Chapter 4 of the Criminal Code.

Below are examples of when money laundering can occur:

2.2. Terrorist financing

Reference to the AML Act: Section 4

Reference to the 4th Money Laundering Directive: Article 1 (5).

Reference to other legislation:Sections 114 and 114 b of the Criminal Code

“Terrorist financing” is defined in Section 4 of the AML Act. The definition is consistent with the definition in section 114 b of the Criminal Code, as regards acts covered by Section 114 of the Criminal Code, which define terrorism.

Section 114 b of the Criminal Code defines terrorist financing as the situations in which

  • financial support is directly or indirectly provided for,
  • the direct or indirect provision of or collection of funds for, or
  • the direct or indirect provision of money, other assets or financial or other similar services to a person, group or association committing or intending to commit acts covered by Section 114 or Section 114 a.

3. Regulatory overview

UniFin ApS’s main focus in the regulatory sphere is on the requirements of the Danish FSA, but other requirements are also subject to compliance:

  • Financial Action Task Force (FATF) Recommendations
  • The Markets in Financial Instruments Directive, MiFID (EU)
  • European Securities and Markets Authority, ESMA
  • Markets in Crypto-Assets Regulation, MiCA
  • Anti-Money Laundering Directive, AMLD (EU)

UniFin ApS has implemented a customer identification program in which customers are identified at a threshold usage value of 1000.00 Euros or higher.

UniFin ApS will provide KYC and other information to law enforcement and similar third parties upon request.

UniFin ApS will fulfill international requests for information from law enforcement and regulatory authorities.

UniFin ApS will require customers to provide the following information for any transaction involving one or more financial institutions:

  • Sender’s name
  • Sender’s account number
  • Sender’s address
  • Sender’s bank/financial institution details
  • Transaction amount
  • Transaction date
  • Recipient’s bank/financial institution details
  • Recipient’s name
  • Recipient’s account number
  • Recipient’s address

Thus, UniFin ApS complies with and implements “best practices” regarding rules where possible in the course of our activities.

Features of activities and intentions

UniFin ApS does not provide services for:

  • Money transfers (except for transfers of digital means of settlement)
  • Traveler’s checks
  • Check cashing
  • Issuing and redeeming money orders
  • Casino or gambling services
  • Crowdfunding services (if such a requirement is applicable to the activities of UniFin ApS or its clients)

UniFin ApS and its affiliated organizations strive to follow the rules and regulations defined in the Danish Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), and adopt AML/CTF best practices where possible.

UniFin ApS is obligated and will:

  • Report on permissible transactions
  • Identify customers in accordance with KYC/KYB guidelines
  • Facilitate independent verification of the compliance program
  • Facilitate regular staff training regarding AML/CTF
  • Maintain risk assessment and a risk-based approach to service provision
  • UniFin ApS will implement a compliance regime that refers to AML/CTF requirements in accordance with the PCMLTFA.
  • UniFin ApS may be subject to inspections by the Danish FSA or other regulatory bodies.

UniFin ApS supports the efforts of the Danish FSA to mitigate and suppress illegal activities and will provide reasonable assistance to the Danish FSA and its authorized persons in the event of an inspection or reporting event.

To comply with the AML/CTF requirements of the Danish FSA’s regulatory policy, UniFin ApS will use the AML-Accelerate software and technical complex from ARCTIC INTELLIGENCE GROUP PTY LTD, which is affiliated with ACAMS and ICA (International Compliance Association). Regulatory events in UniFin ApS are handled by certified in-house and outsourced specialists.

Accountability and commitment

UniFin ApS strives to prevent and counteract fraud and money laundering/terrorist financing.

UniFin ApS has adopted a risk-based approach and compliance strategy approved by management.

In accordance with this policy and other related policies, UniFin ApS strives to fully comply with requirements that are designed to deter and detect actual/potential money laundering/terrorist financing (ML/TF), as well as other activities that enable/facilitate or are associated with ML/TF, such as fraud.

UniFin ApS encourages and actively develops an internal culture of compliance and ethics among employees. For details, see other policies.

UniFin ApS allocates resources for compliance and risk management, including the implementation of the following Danish FSA recommendations for a sufficient compliance regime:

  • Appointment of a dedicated, knowledgeable compliance officer.
  • Development and maintenance of a risk management program.
  • Documented training program for all UniFin ApS employees.
  • Development and application of internal policies, processes and other initiatives directly related to combating money laundering/terrorist financing.
  • Regularly planned independent reviews to assess the effectiveness and relevance of UniFin ApS’s regime.

UniFin ApS will maintain licensing and applicable regulatory requirements continuously.

Independent reviews will be conducted annually from the date of commencement of UniFin ApS’s activities.

If UniFin ApS ceases to offer licensed services for any reason, it will notify the Danish FSA within 30 days of ceasing to serve customers.

Immunity from prosecution

UniFin ApS recognizes that part of any effective compliance regime is the protection of those who comply or attempt to comply in good faith.

UniFin ApS will maintain requirements for personnel to identify and report suspicious or otherwise reportable transactions to the Danish FSA and will attempt to protect said employees from civil and criminal proceedings where possible.

4. Brief description of the business model

UniFin ApS provides services to individuals and legal entities in all segments of the financial market in accordance with the licenses obtained from the Danish FSA.

UniFin ApS’s method of providing services is online (remote) processing of client orders within the functionality of the MyWallet UniFin ApS software.

MyWallet UniFin ApS is an online system for remote management of client assets.

The uniqueness of My Wallet UniFin ApS lies in the fact that it is organized as a single financial space for making any transactions in the international financial market within a single account. At the same time, the client has the ability to manage all accounts that are authorized in MyWallet.

My Wallet consists of three main sections:

  • Financial services.
  • Cryptocurrency payments and services.
  • Fiat payments and card services. (This option will be available after obtaining a payment license from the Danish FSA. Until the payment license is obtained, all transactions in traditional currencies will be carried out through UniFin ApS’s own accounts in authorized financial institutions in compliance with their Compliance requirements).

UniFin ApS offers the following services based on settlements using fiat and cryptocurrency payment instruments:

  • Capital turnover services on exchange platforms.
  • Transactions in relation to any commodity and stock assets with the possibility of hedging exchange rate risks.
  • Trading in debt obligations.
  • Acquisition and secondary turnover of shares in entrepreneurial initiatives.
  • Conducting transactions in a fraud-protected manner in accordance with the Escrow methodology.
  • Hedging of exchange rate risks.
  • SteadyGrowth. (Creating sustainable/risk-free sources of passive income).
  • Acquisition and turnover of intellectual property rights.
  • Investments in high-tech spheres.

In the exclusive competence of the cryptocurrency market, UniFin ApS offers the following services:

  • Opening and ensuring the proper functioning of the following account categories:

    Current. The specificity of the current account is that it cannot be used for the client’s entrepreneurial activities.

    Corporate. The specificity of the corporate account is that it is used for the client’s entrepreneurial activities.

    Correspondent. The specificity of the correspondent account is that it is used for the client’s entrepreneurial activities in cases where the UniFin ApS client maintains internal accounts of its own clients.

    Institutional. The specificity of the institutional account is that it is used for the entrepreneurial activities of clients licensed for financial activities in cases where the UniFin ApS client offers UniFin ApS company services in any form to its clients.

  • SEND/RECEIVE
  • BUY/SELL
  • SWAP
  • Hedging exchange rate risks of cryptocurrency assets

UniFin ApS clients who have cryptocurrency accounts can receive funds from third parties. For example, from their end clients or counterparties in the ordinary course of business. Funds received from third parties can be used for investments or any other permitted activity in the UniFin APS ecosystem.

Most clients will be located in the European region (European Economic Area, United Kingdom, Switzerland, Balkan countries) and the United Arab Emirates, accepting and transferring funds within these regions.

Clients who use UniFin ApS services for their business operations may have counterparties located in other countries. Except for countries on sanction lists and other Danish FSA requirements in this regard.

UniFin ApS services are offered through partnerships with liquidity providers.

UniFin ApS does not accept cash from clients.

UniFin ApS does not participate in, endorse, or otherwise associate with ICOs or cryptocurrencies that may be considered securities. If such a requirement is applicable to the activities of UniFin ApS or its clients.

UniFin ApS does not list, participate in, endorse, or otherwise associate with security tokens. If such a requirement is applicable to the activities of UniFin ApS or its clients.

A more detailed explanation of the mandataries, clients, customers, and their relationships with UniFin ApS is contained in this document and other policies in the compliance and operational assurance package.

5. Flow of Funds

Below is the described Flow of Funds.

All client payments in favor of UniFin ApS are made exclusively on the basis of issued payment requirements.

UniFin ApS duly maintains records of all transactions with clients and provides them with relevant reporting upon first request through the corresponding functionality in MyWallet.

[Incoming payments.]

There are multiple scenarios for incoming flows of UniFin ApS clients:

  • Receiving funds from a third-party (option available exclusively for cryptocurrency accounts)
  • Top-up account with own account in another financial institution
  • Wire transfer
  • Card acquiring

[Outgoing payments.]

All outgoing payments in traditional currencies from all types of accounts in UniFin ApS, the client has the right to direct exclusively to their own accounts in other financial institutions.

All outgoing payments from all types of cryptocurrency accounts in UniFin ApS, the client has the right to direct to their own accounts in other financial institutions or in favor of third parties on the basis of issued invoices for services or goods.

Part 2. Risk assessment and management

6. Risk assessment

Reference to the AML Act: Section 7 (1).

Reference to the 4th Money Laundering Directive: Article 8 (2), 1st paragraph.

UniFin ApS will conduct a risk assessment related to its inherent probability of money laundering and terrorist financing.

In this context, “inherent risk” is defined as the risk that the company may be used for money laundering and terrorist financing. Initially, the precautionary measures that UniFin ApS may have taken to counter the risks will not be taken into account.

The risk assessment will be conducted based on the company’s business model and identify which areas of business are exposed to the risk of money laundering and/or terrorist financing, the size of these risks, and how they may manifest. In this context, UniFin ApS’s “business model” is defined as the combination of the following factors:

  • types of clients with whom UniFin ApS works,
  • products, services, and operations that UniFin ApS offers to clients,
  • delivery channels used to provide products and/or services,
  • countries or geographical territories where commercial activities are conducted,
  • the organization of the company, and
  • its corporate structure.

The risk assessment forms the basis on which UniFin ApS can determine which business areas should be prioritized to avoid their use for money laundering and terrorist financing, as well as what operational procedures need to be implemented in individual business areas. Thus, the risk assessment will become the basis for how UniFin ApS develops its policies, procedures, and control measures.

UniFin ApS’s risk-based approach specifically means that UniFin ApS will identify and assess the inherent risk of being used for money laundering or terrorist financing. Thus, UniFin ApS will direct its resources to those areas where the risk is highest.

UniFin ApS’s risk assessment will be based on relevant documents, such as supranational and national risk assessments, experience gained through the media and work with authorities, etc., and especially on UniFin ApS’s own experience in monitoring clients, etc. References to national and supranational risk assessments are posted on the FSA website, as well as other links to documents that can be successfully used by UniFin ApS in risk assessment.

The content and scope of the risk assessment will be proportionate to UniFin ApS’s risk factors. Risk assessments will be regularly updated to reflect the current risk profile of UniFin ApS. The risk assessment will be updated weekly. The risk assessment will also be updated when UniFin ApS’s business model changes significantly, or changes in new national or supranational assessments that may affect the risk assessment.

Below is a diagram illustrating the process from identifying inherent risk to determining residual risk when UniFin ApS has made decisions on policy and procedures, etc. The remaining risk when risk mitigation measures are included in the assessment will be considered residual. See the description below.

As illustrated by the diagram below, there is an inherent risk in UniFin ApS’s business model of being used for money laundering and terrorist financing. This will change when UniFin ApS decides to change its business model, for example, by changing the composition of client types, product types, or delivery channels, etc. When UniFin ApS decides to eliminate certain risk factors from its business model in this way, it will be able to reduce the inherent risk.

If and when the business model changes and is fixed, the new actual inherent risk is what UniFin ApS will base its business procedures, policy, and control measures on.

UniFin ApS’s policies and control measures are risk mitigation measures, that is, what UniFin ApS does to achieve effective prevention, limitation, and control of the risks of money laundering and terrorist financing. The residual risk associated with the possibility of using UniFin ApS for money laundering or terrorist financing is the risk that may remain even with effective prevention, limitation, and control.

UniFin ApS will cover all risks. The purpose of the assessment is for it to serve as an operational and practical tool, creating an overview and understanding of the risks inherent to UniFin ApS, as well as the necessary measures to limit them.

The risk assessment will be prepared by the central unit (back office) of UniFin ApS.

6.1. Methods and documentation.

UniFin ApS will identify its risk factors, assess them individually and the relationships between them.

When conducting the assessment, UniFin ApS will determine to what extent the identified risk factors affect the overall inherent risk. Then UniFin ApS will specifically determine where and to what extent such factors may contribute to UniFin ApS being used for money laundering or terrorist financing, taking into account a holistic approach.

One way to assess UniFin ApS’s overall risks is by weighing individual risk factors. The assessment of risk factors will be conducted separately for money laundering and terrorist financing, as they may differ. Consequently, UniFin ApS will consider both aspects in its risk assessment.

UniFin ApS will collect sufficient data to identify all its risk factors. Section 7 (1) of the AML Act contains risk factors that UniFin ApS will consider in its overall assessment. The list of risk factors in the Act is not exhaustive, and UniFin ApS will also identify other relevant risk factors to the necessary extent. When assessing individual risk factors, UniFin ApS will also discover that some factors are insignificant and, consequently, have a negligible or very limited inherent risk. Therefore, UniFin ApS will compare such limited risks with other risk factors to determine whether they can mutually influence each other.

UniFin ApS will document its assessment of risk factors. Such documentation will be related to UniFin ApS’s business model, which also serves as the basis for the assessment. The risk assessment will require sufficiently deep analysis of the business model. UniFin ApS will use its own knowledge, data collection experience, knowledge about clients, demanded products, etc. as part of the documentation for its overall assessment.

Moreover, UniFin ApS’s risk assessment documentation will be based on decisions based on supranational and national risk assessments, and/or other relevant forms of documentation in this area, for example, information provided by FATF, EBA and trade associations, as well as management reports, for example, on corruption issues, information from reliable or public sources, etc. UniFin ApS will also regularly obtain up-to-date materials from the Financial Supervisory Authority’s website.

The documentation will be compiled by UniFin ApS by preserving all details and documents used for the assessment, as well as recording the conclusions reached. UniFin ApS will document internal information, observations, documents, etc. in national or supranational assessments, reports, statistics, etc.

6.2. Risk factors

Reference to the AML Act: Section 7 (1), 1st and 2nd paragraph.

Reference to the 4th Money Laundering Directive: Article 8 (1).

When assessing risk factors, UniFin ApS will refer to Annexes 2 and 3 of the AML Act, which describe situations that may be indicators of limited and high risk, respectively. In addition, UniFin ApS will assess its risk factors in accordance with the list below. Regardless of whether a risk factor is high or low in principle, UniFin ApS will conduct its own assessments and monitoring of its clients in accordance with the AML Act.

6.2.1. Customer types

UniFin ApS will assess customer types as one of the risk factors.

According to Section 7, the risk assessment will be based on UniFin ApS’s overall risk profile, while according to Section 11, it should be based on individual clients. (See Section on risk assessment procedures - KYC). UniFin ApS will take into account factors and general observations from assessments in its overall risk assessment, while UniFin ApS will distinguish between different principles of provisions and, thus, conduct independent assessments based on both provisions. The risk assessment in Section 11 will be based on specific assessments of individual clients.

The assessment will generally be based on the extent to which customer types are legal or natural persons, as well as their professional and commercial activities, reputation, behavior, and, in the case of legal entities, their beneficial owners. The assessment will be conducted at a general level. When using the assessment under Section 11, UniFin ApS will not assess individual clients or beneficial owners.

If clients are legal entities, UniFin ApS will consider their types of activities and the rules to which they are subject.

UniFin ApS will assess whether the customer type is associated with:

  • a sector associated with a high risk of money laundering or terrorist financing,
  • a sector with a large volume of cash in circulation, or
  • the inclusion of politically exposed persons.

The analysis of customer types will focus on:

  • The purpose of establishing the company.
  • Whether the client has an obligation to provide information in accordance with other legal requirements, which ensures greater transparency of the company type.
  • Whether the company has types of clients with transactions to/from/from a country considered not to have effective measures to combat money laundering and terrorist financing, or if the company has clients that are enterprises registered in such a country.
  • Whether the company has types of clients that are enterprises registered in a country with a high level of corruption.

The points listed above for assessment serve only as a guide for risk assessment and do not represent an exhaustive list. UniFin ApS is responsible for determining its own assessment criteria.

6.2.2. Products, services and transactions

In the process of assessing its own risks of its products, services and/or transactions, UniFin ApS will be able to determine whether they can be used for money laundering or terrorist financing, including:

  • To what extent the products, services and transactions are suitable for ensuring anonymity,
  • To what extent the products, services and transactions are complex, and
  • The value and size of the products, services and transactions.

When determining whether a product, service or transaction is suitable for ensuring anonymity, UniFin ApS will be able to assess to what extent the recipient can hide their identity. This may occur, for example, if the product or service is associated with the purchase/sale of bearer shares or transactions without direct contact with the end recipient of securities or cash, etc.

When considering the complexity of products, services and transactions, UniFin ApS will be able to assess:

  • Whether transactions with the product/service involve multiple parties or jurisdictions,
  • Whether the products, services or transactions provide the client with the opportunity to receive payments from third parties that may be unknown or unrelated to the client, and
  • Whether unusual payments can be made that are not regular and do not depend on a fixed pattern.

When determining the value and size of products, services and transactions, UniFin ApS may assess to what extent the products or services are associated with cash circulation/cash payments, and to what extent there are high transaction values/many transactions or the possibility of such values, for example, whether a premium level or limit is defined that may limit the risk.

Products, services or transactions that in principle have limited risk may include:

  • Pension schemes for employees with contributions paid directly from wages.
  • Portfolio management where powers are granted only to trade on behalf of the client, and the client has an account or deposit account with another financial institution.
  • Products for which the risk is controlled by other factors, such as transparency regarding ownership. Examples include mortgages, as well as portfolio management and advisory services.

UniFin ApS understands and takes into account that products, services or transactions with potentially high risk may include:

Private banking services, wealth management or similar services, as these are types of products that are typically offered to very wealthy clients. This may also be the name of a client segment covering from standard products to clients with individual products and complex corporate products. Factors in private banking, wealth management or similar services that may be associated with increased risk include frequent deposits and withdrawals. Therefore, it is easier to conceal an illegal amount in large assets, and experience shows that money laundering attempts often try to convert it into securities income. Moreover, this type of product can often create a very close contact and loyalty between the consultant and the client, which can complicate the additional monitoring required for a risky product. For example, this will also be difficult in cases where products are designed for specific clients and represent very large transaction amounts. Therefore, for this type of product, it is important to ensure awareness of the origin of funds and the client’s goals regarding the proposed transactions and investments, etc.

Individual money transfers or transfers not related to real client relationships, and therefore not providing good knowledge of the client or monitoring. Abuse of the product can manifest itself in the form of several small transfers, which individually do not look suspicious. Experience shows that this type of product is used for terrorist financing.

Currency exchange, as this is a product that often does not have a fixed business relationship, which means there is no deep understanding of the client’s goals and the origin of funds. Otherwise, transactions are often associated with cash. Currency exchange is known to have been used for terrorist financing by exchanging Danish kroner for euros or US dollars, which were physically sent for use in terrorist financing.

Products and services using new technologies, and where there is no experience in their use or sufficient awareness of potential risks.

UniFin ApS understands and takes into account that national and supranational risk assessments also indicate how money laundering and terrorist financing can occur, and where the risks are high.

6.2.3. Delivery channels

UniFin ApS’s transactions and delivery channels are key to risk assessment.

UniFin ApS’s definition of delivery channels allows for a general characterization of:

  • How the business relationship with clients was established, and
  • How UniFin ApS provides its products, services and transactions to clients.

UniFin ApS will also be able to assess:

  • To what extent the business relationship does not include physical contact with the client or counterparty, and there are, for example, no digital security measures. Physical contact with a legal entity may include cases where the legal entity is represented by another person with power of attorney/authorization,
  • What external parties/counterparties are necessary for the delivery of the product or performance of the service, and
  • What parties or intermediaries are involved, UniFin ApS users and the nature of their connection with UniFin ApS.

UniFin ApS will be able to determine whether the client was introduced by a third party, and what is known about this third party, including whether it has effective procedures to combat money laundering and terrorist financing, its location in the EU and subject to effective supervision in that country, and compliance with rules on preventing money laundering and terrorist financing.

UniFin ApS will consider delivery channels that individually may indicate limited risk, may include:

  • A business relationship established with physical contact with the client or with electronic solutions that are given significant trust.
  • Regular deposits without an external delivery channel, i.e., when deposits are made, for example, in the form of salary, and withdrawals are made through regular payment transactions.
  • Mortgage loans, when the client is represented by a mortgage credit institution by the client’s bank.

6.2.4. Country and geographical territories

UniFin ApS will assess the risks that may be associated with countries or geographical territories with which it has connections.

This will allow consideration of:

  • In which countries the types of clients and/or beneficial owners are located,
  • In which countries the types of clients and/or beneficial owners conduct their business, and
  • In which countries the types of clients have personal or commercial ties.

In its overall risk assessment, UniFin ApS will not assess specific clients but will use its knowledge of the types of clients and beneficial owners of clients. For example, if UniFin ApS has a client segment in which beneficial owners are located in a high-risk country, this will be taken into account in the risk assessment regarding countries and geographical territories.

In connection with awareness of the types of clients and analysis of the countries in which they are located or have their personal/commercial ties, UniFin ApS will be able to assess geographical factors such as:

  • Whether the country has sufficient rules aimed at preventing and combating money laundering and terrorist financing,
  • Whether the country has an effective supervisory body in this area,
  • Whether clients have connections with a state or geographical territory where money is earned with a high risk of money laundering or with a high level of crime in this area,
  • Whether money is directed to countries where terrorist activities are known,
  • Whether UniFin ApS has foreign public officials as clients and whether they have geographical connections that can be considered a sign of increased risk of money laundering or terrorist financing,
  • Whether UniFin ApS has clients included in EU sanctions lists.

When assessing a country’s rules and the effectiveness of its supervisory bodies, UniFin ApS will be able to use FATF reports, black and grey lists, reports compiled by FSRB and OECD, Transparency International’s corruption list, and other sources.

6.3. Updating risk assessment

UniFin ApS’s risk assessment will be regularly updated.

This means that it will reflect UniFin ApS’s current risk profile. The frequency of updates is determined by UniFin ApS itself. This depends on the specific risk assessment in relation to the business model.

Updating UniFin ApS’s risk assessment will consist of UniFin ApS conducting a risk assessment and concluding that an update is not required. Similarly, UniFin ApS will also be able to determine that only parts of its risk assessment need to be updated.

In exceptional cases, UniFin ApS will update its risk assessment less frequently if conditions and risk factors remain static and do not change.

UniFin ApS may decide that the risk assessment should be updated at fixed intervals. But, at a minimum, it will be updated when there are significant changes in the organization’s business model and/or risk factors, as well as when new national or supranational risk assessments appear with new assessments, even if UniFin ApS has established a fixed interval for updates.

UniFin ApS may deviate from fixed intervals, for example, if UniFin ApS postpones updates for several months when it knows that new national risk assessments or similar documents will soon be introduced.

If UniFin ApS has a business model in which risk factors can often change, it is complex or previous risk assessments have shown a high internal risk of money laundering or terrorist financing, the risk assessment will be updated more frequently to ensure compliance with the current risk profile.

The principle of annual updating means that UniFin ApS must determine whether an update of the risk assessment is necessary at a minimum.

When the risk assessment is updated, UniFin ApS should determine whether and how to update its policies, procedures and control mechanisms to bring them in line with the overall and current risk profile.

If UniFin ApS has not changed its business model and there are no changes in external risk factors requiring this, there is likely no need to change the policy, and possibly procedures and control mechanisms.

UniFin ApS will regularly review its risk factors, including, for example, checking whether it has entered into business relationships with new types of clients, developed new products, new systems or offers services in a new geographical territory. UniFin ApS will use these cases to assess its risk factors to determine whether there have been changes in risks that may affect the actual risk profile. This will also occur regularly in accordance with conducting, for example, risk assessments as part of KYC procedures in accordance with Chapter 3 of the AML Act.

UniFin ApS will consider that if changes are made to its business model, for example, if it decides to launch new products, services or use new delivery channels, the risk assessment will be updated before the use of these new technologies begins.

UniFin ApS’s procedures and control mechanisms will ensure the detection of new general trends or changes in risk factors and access to relevant information sources.

7. Policies, business procedures and controls

Reference to the AML Act: Section 8 (1).

Reference to the 4th Money Laundering Directive: Article 8 (3) and (4).

7.1. General information

Policies in the context of UniFin ApS’s understanding are general decisions about how it will be organized and how tasks related to preventing money laundering and terrorist financing will be addressed based on the understanding of UniFin ApS’s risk profile obtained as a result of the risk assessment.

Business procedures will represent the specific operational application of UniFin ApS’s policies, turning assessments into business procedures and job descriptions.

UniFin ApS’s control will include the means that UniFin ApS uses to ensure compliance with its decisions and business procedures in the area of anti-money laundering.

See the figure below for an illustration of the process concerning the requirements of the Anti-Money Laundering Act regarding risk assessment and management. The process is simplified by dividing it into three parts.

Anti-money laundering policies will be prepared based on the risk assessment that UniFin ApS will provide in accordance with Section 7 (1). There are no formal requirements for the organization’s policies and business procedures, but they will be in writing and accessible and effective for UniFin ApS. They will include policies and business procedures for:

  • Risk management.
  • KYC (know your customer) procedures.
  • Obligation to conduct investigations, registration and reporting.
  • Record keeping.
  • Employee screening.
  • Internal control.

The main goal is for UniFin ApS to assess and document its internal risks, determine its overall strategic goals and operational methods for achieving them, as well as control to ensure their compliance.

UniFin ApS’s policies, business procedures and control in the field of anti-money laundering will be approved by the employee responsible for AML (Anti-Money Laundering), in terms of whether they are sufficient to meet the requirements of the Anti-Money Laundering Act. UniFin ApS considers that there may be requirements of other legislation according to which its policies should also be approved by the Board of Directors.

7.2. Policies

UniFin ApS’s anti-money laundering policies will include identification, assessment and definition of risk factors as conclusions of the risk assessment, as well as general strategic goals for preventing money laundering and terrorist financing for identified risks.

UniFin ApS’s internal and subsequent residual risks reflect its risk profile in the field of anti-money laundering. UniFin ApS’s risk appetite, therefore, will consist of the developed business model.

UniFin ApS’s policies will include a description of the risk factors that it is willing to accept, and instructions on how its strategic goals can be achieved.

As described above, risk appetite may consist of UniFin ApS considering whether there are types of products that it will not provide, or whether there are certain geographical territories in which it does not want to be located.

UniFin ApS’s policies will include consideration of:

  • Identification and definition of risks that it is willing to accept in its business model.
  • Risk management principles.
  • Risk management objectives.
  • Risk areas of the organization.
  • Risk appetite.
  • Delegation of responsibility.
  • Organization of risk management within the organization.

7.2.1. Business procedures

“Business procedures” in the field of anti-money laundering are defined by UniFin ApS as a description of the activities that UniFin ApS performs to ensure compliance with legislation, as well as to ensure that its policies and procedures are followed.

Business procedures will be based on UniFin ApS’s business model, its policies and individual circumstances. They will be an easily applicable tool for UniFin ApS employees and therefore will clearly describe the business area, delegation of responsibility (including who is responsible for performing individual tasks) and how they will be performed.

Business procedures will describe how the following areas are addressed in practice:

  • Risk management.
  • KYC procedures.
  • Obligation to conduct investigations, registration and reporting.
  • Record keeping.
  • Employee screening.
  • Internal control.

Business procedures will describe individual actions for tasks in each area.

7.2.2. Risk management

UniFin ApS’s risk management in the field of anti-money laundering will be based on its business model and the risks that UniFin ApS will identify as a result of the risk assessment.

Risk management is UniFin ApS’s awareness of risks and how it will respond to newly identified risks.

UniFin ApS will ensure that it is organized in such a way as to ensure clearly defined areas of responsibility and that there are effective business procedures for identifying, monitoring and reporting on the risks of using UniFin ApS for money laundering or terrorist financing. In addition, UniFin ApS will have business procedures for how it deals with identified violations of UniFin ApS’s policies and its business procedures.

Risk management also implies that UniFin ApS will track the development of risks associated with money laundering and terrorist financing, considering their impact on the risk assessment, as well as on its policies, business procedures and control.

7.2.3. Employee screening

UniFin ApS will prevent the use of employees’ positions for money laundering and terrorist financing or participation in them.

“Screening” consists of the following two elements:

  • Checking that employees do not have criminal records that may increase the risk of them using their position for criminal purposes.
  • Checking that employees have sufficient qualifications in the field of combating money laundering so that they can cope with their responsibilities.

Screening of employees with the risk of using their position for money laundering or terrorist financing, including participation in them, will be conducted by UniFin ApS before their employment.

Screening will always be based on a risk-based approach and was proportionate to the employee’s position and functions performed. UniFin ApS will consider which functions are particularly important for applying screening procedures.

Employee screening will always be relevant when an employee performs a function where they can directly or indirectly abuse their position to participate in money laundering or terrorist financing. This may be relevant, for example, when:

  • Employees conduct KYC (know your customer) procedures.
  • Employees can carry out transactions.
  • Employees who are delegated tasks by an employee responsible for compliance with the Anti-Money Laundering Act.
  • Employees work in the organization’s compliance department.
  • Employees work in the organization’s internal audit or perform internal audit functions.
  • Employees holding management and/or trusted positions in UniFin ApS will also be particularly relevant for screening.

UniFin ApS will use a risk-based approach to stay informed if an employee has been convicted of a crime that may increase the risk of abuse of their position during work. This will be achieved by:

  • Including in employment contracts the obligation to inform, obliging employees to inform the organization if they are convicted of a crime during the period of work, or
  • regularly or randomly requesting criminal record certificates from employees and keeping evidence of their provision.

Checking that employees have sufficient qualifications in the field of combating money laundering to perform their duties is understood by UniFin ApS as extremely important.

UniFin ApS will ensure that employees have the necessary qualifications in the field of combating money laundering to satisfactorily perform their duties. However, this qualification can be acquired through training after appointment. UniFin ApS will always ensure that its employees have the necessary abilities, knowledge and skills to effectively perform their functions in UniFin ApS.

7.2.4. Internal control

UniFin ApS will establish internal control, which means that it should check whether the requirements of the anti-money laundering law are being met.

UniFin ApS will describe its control in business procedures and how it will document the control performed.

UniFin ApS’s compliance officer will conduct internal control as part of normal operational activities.

To ensure effective control, UniFin ApS will ensure a sufficient degree of independence between the person performing the control and the person in respect of whom the control is conducted.

Internal control will consist of the following two elements:

  • Checking compliance with UniFin ApS’s policies and business procedures.
  • Checking the implementation of control and its compliance.

Control will be carried out at appropriate intervals to ensure compliance with policies, business procedures and control. Control will be carried out in the following areas:

  • Risk management.
  • KYC procedures.
  • Obligation to conduct investigations, registration and reporting.
  • Record keeping.
  • Employee screening.

8. Persons responsible and functions

The Anti-Money Laundering Act (AML) establishes requirements for the implementation of the provisions of the Act by various persons and functions in financial organizations.

(table)

8.1. AML Officer – the person appointed according to Section 7 (2)

Reference to the AML Act: Section 7 (2), Section 8 (2), Section 18 (3) and Section 19 (1), no. 3.

Reference to the 4th Money Laundering Directive: Article 3 no. 12, Article 8 (5), Article 19 (1), letter c, and Article 20 (1), letter b, (i).

The general management of UniFin ApS will appoint an employee authorized to make decisions on behalf of UniFin.

ApS for approving policies, business procedures and controls, as well as for approving special client relationships.

To meet the requirements, the appointed person will be actually involved in the company’s work on preventing money laundering and terrorist financing.

The authority ensures that the AML Officer will have competence at the management level.

The AML Officer will have sufficient knowledge of UniFin ApS’s risk profile and specific risk factors.

The specific framework for this person’s involvement will be determined by UniFin ApS. This person will be responsible, have access to UniFin ApS’s client databases and other relevant information, including minutes of board meetings and audit reports.

8.2. Responsibilities of the AML Officer

The AML Officer:

  • Will have the authority to make decisions on behalf of UniFin ApS for approving the following:
    • policies, business procedures and controls (Section 8 (2))
    • establishment and continuation of business relationships established in a country included in the European Commission’s list of high-risk third countries (Section 17 (2))
    • establishment and continuation of business relationships with PEPs (politically exposed persons), their related persons and close associates (Section 8 (3))
    • establishment of cross-border correspondent relationships (Section 19 (1), no. 3).
  • Will have an understanding and knowledge of UniFin ApS’s risks in the area of money laundering and, therefore, be able to make decisions beneficial for UniFin ApS’s fight against money laundering and terrorist financing.

UniFin ApS will organize the work of the AML Officer in such a way that employees and senior management can consult with the AML Officer on all relevant issues and be informed as soon as something new appears.

In addition, the AML Officer will be sufficiently independent and able to report directly to the executive board and board of directors on issues related to money laundering and terrorist financing. Reporting to the board of directors is an option that the AML Officer will use if deemed necessary. Therefore, the AML Officer is not assigned an overall obligation to report to the board of directors.

The AML Officer will follow the business procedures that UniFin ApS will implement in the area of money laundering and terrorist financing. The compliance officer will check and perform independent checks on how effective the AML Officer’s procedures are.

8.3. Delegation

The AML Officer will be able to delegate the responsibilities specified in the provision to one or more employees with sufficient knowledge of the company’s risk profile in relation to money laundering and terrorist financing.

Delegation to one or more persons will be particularly relevant in large undertakings with multiple departments working in areas covered by the AML Act. It is important to note that responsibility that follows from Section 7 (2), cannot be delegated, but is the responsibility of the person appointed in accordance with the provision.

8.4. Compliance Officer

Reference to the AML Act: Section 8 (3).

Reference to the 4th Money Laundering Directive: Article 8 (4), letter a.

UniFin ApS will appoint a compliance officer at the management level to ensure that their functions also include requirements under anti-money laundering legislation.

The compliance officer will work independently. The compliance officer will check and determine whether UniFin ApS complies with the requirements of the Anti-Money Laundering Act and rules issued on its basis. This means that the officer will check and evaluate whether the organization’s business procedures and methods for combating money laundering and terrorist financing are appropriate and effective, as well as whether the organization notifies MLS (Section 26 (1) of the Act.). In addition, the compliance officer will check and evaluate whether the measures taken to eliminate any shortcomings are effective.

The compliance officer will ensure that the control carried out by UniFin ApS is sufficient as part of the organization’s internal control.

Due to independence from general management, the compliance officer will also deal with the processing of employee reports on violations or potential violations (Section 35 (1) and Section 36 a (1) and (2) of the Act.).

8.5. Responsible member of the executive board

Reference to the AML Act: Section 8 (5).

Reference to the 4th Money Laundering Directive: Article 46 (4).

UniFin ApS will appoint a member of the executive board responsible for fulfilling the requirements of the Anti-Money Laundering Act and rules issued on its basis.

The responsible member of the executive board will have a special obligation to ensure UniFin ApS’s compliance with the rules of the Anti-Money Laundering Act. Their task will be to ensure the anchoring at the management level and management of attention to preventive measures against money laundering and terrorist financing. This does not relieve the rest of the general management from responsibility.

The responsible member of the executive board will perform their duties, for example, by regularly holding meetings with AML officers and compliance officers to find out the status of the organization’s compliance with the rules of the Anti-Money Laundering Act and the implementation of new rules in the field of anti-money laundering. If UniFin ApS has shortcomings in compliance with anti-money laundering legislation, the responsible member of the executive board will address such shortcomings.

The responsible member of the executive board is also responsible for UniFin ApS’s subsidiaries.

8.6. Internal audit

Reference to the AML Act: Section 8 (4).

Reference to the 4th Money Laundering Directive: Article 8 (4), letter b.

Regarding the requirements for internal audit, refer to: Executive Order no. 1912 of 22 December 2015 on the implementation of audits in financial undertakings, etc. and financial groups.

The board of directors will ensure that the internal audit evaluates whether the organization’s policy, business procedures and control in the field of money laundering are organized and function properly.

The job description for the internal auditor will contain provisions according to which the internal audit must ensure the organization’s compliance with written policies, business procedures and control in the field of money laundering and terrorist financing.

9. Education

Reference to the AML Act: Section 8 (6).

Reference to the 4th Money Laundering Directive: Article 46 (1).

Regarding the requirements for a basic course for board members, refer to: Executive Order no. 1424 of 29 November 2016 on a basic course for members of the Board of Directors in banks, mortgage credit institutions and insurance companies.

In accordance with the provision (Section 8 (6)), UniFin ApS will ensure that employees, including management, undergo appropriate training in the requirements of the Anti-Money Laundering Act.

To fulfill this requirement, the appointed person will be actually involved in UniFin ApS’s work on preventing money laundering and terrorist financing. The requirement applies to the executive board and senior management of the organization.

Members of UniFin ApS’s board of directors will undergo a basic course on preventing money laundering.

UniFin ApS will have an adequate training program. UniFin ApS’s business procedures and control will also ensure that training is conducted for employees who work with clients.

UniFin ApS will ensure employee participation in training.

Training in certain special business areas will be adapted to the special functions of employees, including highlighting indicators of money laundering and terrorist financing that may arise in different areas.

UniFin ApS employees will also undergo training on relevant data protection provisions to ensure the processing of personal data in accordance with data protection legislation. This will help ensure that, in accordance with the provisions of the Anti-Money Laundering Act, personal data can be obtained only for the purpose of complying with the requirements of the Act.

UniFin ApS will train its employees and management at appropriate intervals. When updating its business procedures, UniFin ApS will train its personnel if it is relevant to their work.

Part 3. KYC procedures

It is a basic principle of anti-money laundering legislation that the undertaking must know its customers. The rules on KYC procedures are found in Chapter 3, Sections 10-21 of the AML Act.

The purpose of UniFin ApS’s KYC procedures is to prevent money laundering and terrorist financing by ensuring that UniFin ApS knows who its clients are and what the purpose of their business relationships or individual operations is.

KYC procedures are mandatory for UniFin ApS and are applied continuously throughout the term of the relationship with the client. This means that information about the client will be updated at appropriate intervals based on risk assessment. UniFin ApS will document the information obtained in accordance with Chapter 3 of the Anti-Money Laundering Act.

Who is the client?

“Client” includes natural and legal persons (including companies, associations and government agencies).

UniFin ApS’s relationship with the client arises when UniFin ApS either establishes business ties with the client or performs a separate operation for the client.

The client is a natural or legal person with whom UniFin ApS enters into contractual relations, or on whose behalf UniFin ApS performs an operation or action.

10. When will UniFin ApS conduct KYC procedures?

  • When establishing business relationships.
  • When relevant circumstances of the client change.
  • At an appropriate time, including cases where the undertaking or person during the relevant calendar year is obliged to contact the client to verify any current information about the beneficial owner or owners.
  • When conducting individual transactions for a certain amount.
  • When providing gambling services, when the stake or payout exceeds a certain amount.
  • In case of suspicions of money laundering or terrorist financing.
  • In case of doubts about previously obtained client data.

10.1. Establishing business relationships

Reference to the AML Act: Section 10 (1), no. 1.

Reference to the 4th Money Laundering Directive: Article 11, letter a.

UniFin ApS establishes business relationships when it provides a service or sells a product to a client.

When UniFin ApS establishes client relationships, if it is expected that these relationships will be long-term, business relationships are established. Therefore, business relationships will be established if UniFin ApS believes that the client will regularly use its services and will be a permanent client.

Business relationships will always be established if the client opens an account or similar account in UniFin ApS, for example, for deposit, lending, leasing or sale of property.

UniFin ApS does not open anonymous accounts or under a false name, so KYC procedures will always be conducted when establishing business relationships.

10.2. Change in relevant client circumstances

If business relationships are already established and relevant circumstances of the client change, UniFin ApS’s KYC procedures will be conducted again.

UniFin ApS will react if it becomes aware of changes in client relationships, for example, a significant increase in the client’s obligations and/or changes in their business.

In such situations, UniFin ApS will use risk assessment to determine the need to obtain new information about the client, including, for example, obtaining and verifying new identification data.

If the client is a legal entity, UniFin ApS will use risk assessment to determine the need to obtain new information about beneficial owners. If the company has new beneficial owners, it must identify them and take reasonable measures to verify the new beneficial owners. It will often also be necessary to identify the new ownership and control structure of the client.

UniFin ApS will conduct KYC procedures when it becomes aware that the relevant circumstances of the client have changed. These procedures may be part of the company’s monitoring, regular KYC procedures or if the company can otherwise obtain reliable information about the client.

10.3. KYC procedures at an appropriate time

When establishing business relationships, UniFin ApS will conduct KYC procedures at appropriate intervals during client relationships.

UniFin ApS will conduct KYC procedures annually to ensure that the data on an existing client is correct and sufficient.

“Legal requirement” is defined as UniFin ApS’s obligation to contact the client to verify any current information about the beneficial owner(s). This obligation is due to the need to comply with the Administrative Cooperation Directive in the field of taxation, in particular, the CRS rules and FATCA rules.

Conducting KYC procedures at an appropriate time should be based on risk assessment. This means that UniFin ApS will determine the interval based on the risk assessment of client relationships. UniFin ApS will group clients into different categories, for example, clients with limited risk and clients with increased risk, and set one interval for the former and another for the latter. UniFin ApS’s decision that cancels KYC procedures is not acceptable.

UniFin ApS will focus on client relationships with increased risks, while client relationships with limited risk do not require the same extensive and frequent procedures.

There is no mandatory method defining how UniFin ApS should conduct KYC procedures at an appropriate time. Therefore, UniFin ApS’s KYC procedures can be conducted both automatically and manually. However, this will be based on a risk-oriented approach.

10.4. Individual transactions

Reference to the AML Act: Section 10 (1), no. 2.

Reference to the 4th Money Laundering Directive: Article 11 (1), letter b.

Other legislation: Regulation (EU) 2015/847 of the European Parliament and of the Council of 20 May 2015 on information accompanying funds transfer and repealing Regulation (EC) No 1781/2006.

UniFin ApS may perform individual transactions for clients who do not use its services regularly.

As part of KYC procedures, UniFin ApS will determine when a client transitions from the status of a client for whom UniFin ApS performs individual transactions to the status of business relationships. UniFin ApS will establish a number of criteria for determining the presence or absence of business relationships. Such criteria will be:

  • The number of times a client uses the company’s services.
  • Periods between two transactions.
  • Number of transactions.

When conducting individual transactions, UniFin ApS will conduct KYC procedures when it performs transactions for a client for an amount of at least 15,000 euros.

Other limits apply to money transfers and currency exchange. KYC procedures will be conducted for money transfers when UniFin ApS performs an individual transaction for an amount of more than 1,000 euros, and for currency exchange when the transaction is 500 euros or more.

If the size of the transaction is not known in advance, KYC procedures will be conducted as soon as UniFin ApS suspects that the transaction or transactions will amount to 15,000 euros, 1,000 euros or 500 euros, respectively.

The specified limits will apply regardless of whether the transaction is performed as one or several interrelated transactions.

If there are suspicions of money laundering or terrorist financing, KYC procedures will always be conducted by UniFin ApS.

UniFin ApS will take into account that it must comply with the requirements of the Funds Transfer Regulation regarding the details of the payer and recipient. This requirement applies even if UniFin ApS is not obliged to conduct KYC procedures in accordance with the requirements of the Anti-Money Laundering Act.

10.5. Suspicion of money laundering or terrorist financing

Reference to the AML Act: Section 10 (1), no. 4.

Reference to the 4th Money Laundering Directive: Article 11 (1), letter e.

UniFin ApS will always conduct KYC procedures when it becomes aware of suspicion of money laundering or terrorist financing.

This requirement will apply even in the case where only one transaction below a certain amount is involved.

In situations where it is impossible to conduct KYC procedures, for example, if the client refuses to provide such data or leaves the premises when they are requested, UniFin ApS will report this to MLS, providing the available data.

10.6. Previously obtained details on the customer

Reference to the AML Act: Section 10 (1), no. 5.

Reference to the 4th Money Laundering Directive: Article 11 (1), letter f.

Executive Order no. 1376 of 12 December 2019 on reporting discrepancies in details on beneficial owners. The DBA’s guide on beneficial owners.

UniFin ApS will conduct KYC procedures if there are doubts about the correctness and/or sufficiency of the obtained data on the identity of the client, etc.

This means that if UniFin ApS has reason to believe that the obtained data is incorrect and/or insufficient, new KYC procedures must be conducted. The requirement includes the need to conduct full or partial KYC procedures based on risk assessment. This is not just updating data on the client’s identity. UniFin ApS will make a specific assessment of what data needs to be obtained.

UniFin ApS will decide whether the data is insufficient or incorrect. The necessity and scope of additional KYC procedures that should be conducted in a specific case may depend on specific conditions, for example:

  • If UniFin ApS doubts whether any specific data is insufficient, it may decide that only part of the KYC procedures needs to be repeated.
  • If UniFin ApS doubts whether the obtained data is correct, it may decide that full KYC procedures need to be repeated.
  • In case of insufficient data, UniFin ApS will require the provision of additional data about the client.
  • In cases where it turns out that some data is incorrect, it will often be necessary for the company to re-verify all data to ensure that they are all correct. If UniFin ApS suspects that incorrect data was provided by the client intentionally, full KYC procedures will be repeated.
  • If UniFin ApS, in the process of working with a client, discovers that the data on the client’s beneficial owners does not correspond to those registered in the DBA’s IT system, it must report this to the DBA as soon as possible. If the client corrects the discrepancies as quickly as possible, UniFin ApS will not be obliged to report the discrepancies to the DBA.

10.7. Individual activities that are not transactions (advisory services)

Reference to the AML Act: Section 13.

Reference to the 4th Money Laundering Directive: Article 2 (3).

If UniFin ApS performs an individual action that is not a transaction, then actions to obtain and verify the client’s identification data may be cancelled based on risk assessment.

In such cases, business relationships will not be established.

The assessment can be conducted based on whether the activity is general in nature or UniFin ApS should take into account specific client data to perform the activity, including the client’s income and assets.

If there are suspicions of money laundering or terrorist financing, KYC procedures will always be conducted by UniFin ApS.

11. Content of KYC procedures

Section 11 of the AML Act stipulates the general requirements for KYC procedures.

KYC procedures are mandatory throughout UniFin ApS’s business relationship with the client and will be conducted based on a risk assessment of client relationships.

Consequently, UniFin ApS will identify relevant risk factors and changes in them within each specific client relationship to assess the scope of necessary KYC procedures.

UniFin ApS is obliged and will:

  • obtain identification data of the client, and
  • verify the obtained identification data through an independent and reliable source.

11.1. Obtaining identification data

Reference to the AML Act: Section 11 (1) and (4).

Reference to the 4th Money Laundering Directive: Article 13.

Reference to the 5th Money Laundering Directive: Article 1 (1), no. 8.

UniFin ApS is obliged and will always obtain identification data of the client.

Natural persons

If the client is a natural person, UniFin ApS will need to obtain their name and CPR number. If the client does not have a CPR number, it will be necessary to obtain similar identification data, such as a national identification number for foreigners.

It is important that UniFin ApS ensures that the identification number is actually active/valid. The date of birth will be used only in relatively rare cases when there is no unique identification number.

The obtained identification data, including the date of birth, must satisfy UniFin ApS that the client is who they claim to be.

UniFin ApS must obtain the client’s full name to ensure that the authentication of the client is effective.

UniFin ApS will obtain identification data through a form and use two control sources provided by the client for this purpose, so that UniFin ApS can determine whether the client has provided their full name for the two control sources, and there is no doubt that the client is who they claim to be. An example of two control sources could be, as already mentioned, a driver’s license and passport.

When establishing business relationships with a client, UniFin ApS will register the client’s full name.

UniFin ApS will always be able to demonstrate to the authority that monitors compliance with the Anti-Money Laundering Act that knowledge of the client is sufficient.

Legal entities

If the client is a legal entity, UniFin ApS will obtain its name and CVR number.

If the client does not have a CVR number, UniFin ApS will obtain similar identification data. For foreign enterprises, other forms of identification data may be a registration number, for example, a TIN number (tax identification number), LEI code (legal entity identifier) or other unique registration number.

11.2. Verification of identification data

Reference to the AML Act: Section 11 (1), no. 2 and (4).

Reference to the 4th Money Laundering Directive: Article 13 (1), letter a.

Reference to the 5th Money Laundering Directive: Article 1 (1), no. 8, letter a.

For electronic identification and relevant trust services, refer to: Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (eIDAS Regulation).

The identification data obtained by the company about the client, UniFin ApS will verify based on documents, data or information obtained from a reliable and independent source. This means that verification of the client’s identity will be carried out through a source other than the client themselves.

UniFin ApS will consider a government agency as a reliable source, but it can also be another reliable external source. It is also important that the source is up-to-date. This is especially important in relation to physical identity documents, when UniFin ApS must ensure that the document is still valid.

UniFin ApS will use electronic means of identification in connection with KYC procedures. A reliable and independent source may include electronic means of identification, relevant trust services or any other secure form of remote identification or electronic identification process that is regulated, recognized, approved or accepted by competent national authorities.

UniFin ApS will control that the document used for verification is valid, as a person’s identification data may have changed, for example, citizenship data, change of unique identification number, etc.

Using risk assessment, UniFin ApS will determine whether identification data should be updated later, including the need to re-obtain identity confirmation if the previous identity confirmation has expired during this time.

UniFin ApS will require a new identity document if doubts arise about the authenticity of the document.

If UniFin ApS considers that there is an increased risk in relation to business relationships, it should take additional actions, regardless of whether the client’s identification data has been verified. UniFin ApS will request additional documents from the client until it understands that the client is who they claim to be.

11.3. Remote clients

UniFin ApS has a better chance of ensuring that the client is who they claim to be when physically meeting with the client. When the client is not physically present (remote relationships), UniFin ApS should consider the potentially increased risk.

The scope of identity verification for clients who are not physically present will depend on the properties and characteristics of the product or service associated with the business relationship, in relation to the risk of money laundering or terrorist financing. Thus, UniFin ApS will always use risk assessment to determine the need to apply control sources to ensure sufficient knowledge of the client, including the need to use more than one source to verify identification data or risk mitigation measures.

11.4. Use of NemID or other form of electronic identification

NemID will be used by UniFin ApS to verify the client’s identification data when using PID CPR to verify CPR numbers and public digital signatures (OCES) to verify the name.

UniFin ApS will use information obtained, for example, through electronic identification means, relevant trust services under the eIDAS Regulation or any other secure form of remote identification or electronic identification process regulated, recognized, approved or accepted by competent authorities. In accordance with the eIDAS Regulation, UniFin ApS will be obliged to recognize electronic identification means (eID) from other EU or EEA countries.

UniFin ApS will use NemID or another form of electronic identification as the only control source only after conducting a risk assessment of specific client relationships and determining that simplified KYC procedures can be conducted and that sufficient knowledge of the client can be obtained using NemID or another form of electronic identification.

If business relationships with the client include products or services for which the national risk assessment on money laundering and terrorist financing indicates the involvement of high-risk products or services, client relationships will in principle not represent a limited risk. This means that in such client relationships, NemID or another form of electronic identification will not be sufficient to ensure the necessary knowledge about clients.

NemID or another form of electronic identification as a control source will be supplemented by other control sources or risk mitigation measures. Such measures will include:

  • The initial transaction is carried out through the client’s Nemkonto or another bank account registered in the client’s name.
  • UniFin ApS sends a unique code to a mobile phone number that it has verified as belonging to the client, or by physical letter to the client’s registered address.
  • UniFin ApS will check the client’s IP address in relation to geolocation.
  • UniFin ApS will ask the client questions that can then be verified by a reliable and independent source, for example, information from the client’s personal tax file.
  • UniFin ApS will at any time be ready to demonstrate to the authority that oversees compliance with the Anti-Money Laundering Act that the company’s knowledge of the client is sufficient in relation to the risk of money laundering and terrorist financing. Therefore, the company’s KYC procedures (and its verification of identification data) will be designed in such a way as to ensure sufficient knowledge of the client.

12. Beneficial owners

Reference to the AML Act: Section 11 (1), no. 3, Section 2 (1), nos. 1 and 9 and Section 15 a.

Reference to the 4th Money Laundering Directive: Article 13 (1), letter b.

Reference to the 5th Money Laundering Directive: Article 1 (1), no. 8, letter b.

Reference to the DBA’s guide: Beneficial owners, the guide concerns beneficial owners, including who, what and where must be registered.

As part of KYC procedures, UniFin ApS will identify the beneficial owners of its clients. UniFin ApS must and will:

  • obtain identification data about the beneficial owner(s),
  • take reasonable measures to verify the identification of the beneficial owner(s), and
  • if the client is a legal entity, determine its ownership and control structure.

12.1. Definition of beneficial owner

Under the Beneficial Owner of the client, UniFin ApS understands the natural person(s) who ultimately owns or controls the client, or the natural person(s) on whose behalf a transaction or activity is carried out.

Beneficial owners can be natural persons, and UniFin ApS will determine the full chain of ownership and structures, and determine who ultimately owns or controls the client.

When UniFin ApS determines who the beneficial owners of the client are, it will assess which persons own a sufficient number of shares, voting rights or can control the company in another way. UniFin ApS understands that an indicator of a sufficient amount will be, in principle, that a person owns more than 25% of shares and/or control. However, it is important to emphasize that the percentage limit is only an indicator of beneficial ownership or control.

In cases where there are no natural persons who own and/or control the client to a sufficient degree to be identified as beneficial owners, UniFin ApS will consider the client’s general management as beneficial owners.

If UniFin ApS has identified one or more beneficial owners, but there are still doubts about whether these persons are actually the beneficial owners, both these persons and the general management will be considered the client’s beneficial owners.

12.2. Identification of beneficial owners

UniFin ApS will record the measures it has taken to identify beneficial owners.

The recording will be done before UniFin ApS considers the general management of clients as their beneficial owners. UniFin ApS will retain the information it has received and used to identify clients’ beneficial owners. For this, UniFin ApS will use an “owner chain” diagram from the client to its beneficial owners, or if UniFin ApS has determined the client’s ownership and control structure based on a printout from the DBA’s register of beneficial owners.

In relationships with a client that imply limited risk, UniFin ApS will also obtain and record the details and notes that the client used to identify their beneficial owners. Nevertheless, UniFin ApS will evaluate the client’s details and notes before using them as part of the client investigation.

The requirement to identify and verify beneficial owners UniFin ApS will not apply to organizations whose shares are traded on a regulated or similar market, subject to the obligation to provide information in accordance with EU legislation or relevant international standards ensuring transparency. In situations where the client’s shares are traded on such a regulated market in the EU/EEA or on a similar market outside the EU/EEA with the same information obligations, UniFin ApS is not obliged to identify and verify the client’s beneficial owners. When determining similar information obligations in markets outside the EU/EEA, the requirements established by the relevant articles of the Market Abuse Regulation (2014/596/EC), the Transparency Directive (2004/109/EC) and the Prospectus Directive (2003/71/EC), as well as any other EU regulations arising from these articles, will be applied.

12.3. Obtaining identification data

UniFin ApS will always obtain information about the identity of the beneficial owner(s) (except for owners of companies registered on the stock exchange).

UniFin ApS will obtain data that allows it to confidently establish who the beneficial owners are.

UniFin ApS will ensure that it obtains sufficient data to guarantee that the beneficial owner is the person indicated by the client. The organization will always be able to prove to the authority that oversees compliance with the Anti-Money Laundering Act that it has sufficiently identified and verified data about the beneficial owner.

If UniFin ApS becomes aware of significant changes in the relationship with the client, it should decide whether it is necessary to obtain new data about who the beneficial owners are. If UniFin ApS learns that a beneficial owner is a politically exposed person, it should assess whether this may affect the client’s risk assessment, including the need to obtain additional information about the client and beneficial owners. If UniFin ApS assesses that the client’s risk has increased, it will always assess whether there is enough information about the beneficial owners.

12.4. Verification of identification data of beneficial owners

Verification of the identification data obtained by UniFin ApS will be based on a risk assessment regarding reasonable measures to be taken for a specific client.

UniFin ApS will always obtain identification data, and then conduct a risk assessment to determine what measures and to what extent need to be applied for their verification.

UniFin ApS will always check the information provided by the client.

If UniFin ApS considers that the business relationship with the client presents a limited risk, it can use the DBA’s register of beneficial owners as a source for verifying the client’s beneficial owners.

If UniFin ApS considers that there is an increased risk in business relationships with the client, then simply checking the identification data provided by the client will be insufficient. In such cases, verification of the identification of beneficial owners may be required using one or more independent sources.

12.5. Clarification of ownership and control structure

When the client is a legal entity (including an association), UniFin ApS.

will identify its ownership and control structure. This also applies to non-legal entities if the client is, for example, a trust or similar legal arrangement. “Ownership and control structure” is defined by UniFin ApS as the organization obtaining data about the client’s owners, management, rules concerning signature on behalf of the company, ownership agreements, share classes, etc. UniFin ApS will independently determine which data are relevant for clarifying the client’s ownership and control structure.

Clarification of the client’s ownership and control structure will help determine who the client’s beneficial owners are. Therefore, UniFin ApS will be able to first determine the ownership and control structure to understand who needs to be identified and possibly verified as the client’s beneficial owners.

UniFin ApS will always clarify the full chain of ownership and structure of the client, i.e., UniFin ApS will clarify the entire ownership chain of any legal entities (enterprises) to find the persons who ultimately own or control the client. Clarification of the ownership and control structure will include any foreign legal or natural owners.

Using risk assessment, UniFin ApS will be able to determine what investigations it needs to conduct to clarify the client’s ownership or control structure. In cases of limited risk, for example, when the ownership and control structure is transparent and when no risk factors directly or indirectly related to the ownership and control structure have been identified based on a specific risk assessment, it is sufficient for the organization to compile a group diagram showing ownership shares. Alternatively, UniFin ApS will be able to use information obtained through CVR (Central Business Register), including data on the enterprise’s beneficial owners.

In cases of increased risk, it may be necessary for UniFin ApS to obtain documentation on ownership shares in the form of articles of association, shareholder register or similar documents.

However, UniFin ApS will always clarify the full chain of ownership and structure of the client for all business relationships with legal entities, but then it can independently determine the degree of precautions and controls that it needs to apply, based on its own risk assessment of business relationships.

13. Continuous updating of client data

Reference to the AML Act: Section 11 (1), no. 5.

Reference to the 4th Money Laundering Directive: Article 13 (1), letter d.

UniFin ApS will continuously update data, documents and information about the client to determine whether the risk associated with business relationships has changed. This means that the data that UniFin ApS obtained as part of KYC procedures may need to be updated during the course of business relationships with the client.

UniFin ApS will establish procedures for updating data.

14. When a person acts on behalf of the customer

Reference to the AML Act: Section 11 (2).

Reference to the 4th Money Laundering Directive: Article 13 (1).

When a person acts on behalf of the client, the following actions will be taken:

  • establishing the identity of this person and
  • confirming their identity using a reliable and independent source.

This requirement will be fulfilled in cases where a person claims to be acting on behalf of another person, or when UniFin ApS has doubts about whether a person is acting on their own behalf.

The natural or legal person on whose behalf another person acts is considered the client, and it is this person on whom UniFin ApS should conduct the KYC (know your customer) procedure.

UniFin ApS will only be obliged to identify and confirm the identity of the person acting on behalf of the client. This means that the organization is not obliged to conduct other KYC procedures in relation to this person, including, for example, clarifying the purpose and nature of the intended activity.

When natural or legal persons act on behalf of the client, UniFin ApS will ensure that such persons have the appropriate authority to do so.

This provision concerns third parties, and in this context, power of attorney does not fall under Section 11 (2) of the Anti-Money Laundering Act, since power of attorney holders act as part of the organization, and not as independent third parties on behalf of the organization.

If UniFin ApS has remaining doubts about the authenticity of the person’s data, UniFin ApS will verify the identity of this person.

In situations where trust relationships are unclear or there are doubts about them, the organization should obtain information or documents from the person confirming that they have the necessary authority to act on behalf of the client.

15. Correspondent relationships

Reference to the AML Act: Section 2, no. 4 and Sections 19, 20.

Reference to the 4th Money Laundering Directive: Articles 19 and 24.

Reference to the 5th Money Laundering Directive: Article 1 (1), no. 12.

Reference to: European Banking Authority, Guidelines for risk factors, JC 2017 37, 04.01.2018.

UniFin ApS’s conclusion of correspondent relationships with a respondent falls under the AML/CTF Act. This applies to both correspondent relationships in EU and EEA countries and correspondent relationships outside the EU/EEA.

UniFin ApS defines correspondent relationships as:

  • The provision of financial services by one financial institution (correspondent) to another financial institution (respondent), including opening a current account or debit account, as well as other services such as cash management, international transfers, etc.
  • Relationships between one financial institution falling under Section 1 (1), items 1-13 or 19 (correspondent), and another financial institution falling under Section 1 (1), items 1-13 or 19 (respondent), when similar services are provided, including relationships established for the purposes of securities transactions or funds transfer.

UniFin ApS recognizes that correspondent relationships are not established when carrying out a single transaction.

When determining whether a transaction is individual or represents correspondent relationships, UniFin ApS will take into account the risk associated with the transaction, including the size of the amount and the financial product. UniFin ApS will have clear procedures for this, including how to ensure that this was a single transaction.

15.1. KYC procedures

If UniFin ApS’s correspondent relationships are within the EU/EEA, the general rule is that UniFin ApS can conduct normal KYC procedures, including conducting a specific risk assessment of specific business relationships with the respondent, etc. This risk assessment may lead to UniFin ApS concluding that it is necessary to conduct enhanced KYC procedures in relation to the respondent. See Section 12.2.1 on correspondent relationships within the EU/EEA.

If UniFin ApS’s correspondent relationships with the respondent are outside the EU/EEA and are not related to payment processing, then UniFin ApS will conduct normal KYC procedures, including conducting a specific risk assessment of specific business relationships with the respondent, etc.

As soon as UniFin ApS establishes correspondent relationships related to payment processing with a respondent institution located in a country outside the EU/EEA with which no agreements have been concluded in the financial sphere, UniFin ApS will implement enhanced KYC procedures in relation to the respondent.

The obligation to conduct KYC procedures lies with the correspondent, as the correspondent is the organization that provides (sells) financial services to another organization, while the respondent is the organization that receives (buys) financial services directly from the correspondent. Therefore, only the correspondent is obliged to perform KYC procedures in relation to the respondent. In the case where financial services are provided on a mutual basis (in both directions), both organizations will conduct KYC procedures. See Section 12.2.

UniFin ApS’s KYC procedures will be completed before the organization falling under Section 1 (1), items 1-13 and 19 of the AML/CTF Act, can establish correspondent relationships.

15.2. Correspondent’s obligations

If organizations mutually exchange (buy and sell) financial services with each other, each organization (correspondent) must conduct KYC procedures in relation to its client (respondent). This means that both organizations must conduct KYC procedures in relation to the counterparty in the mutual exchange of services.

Correspondent’s obligations in accordance with Section 19 of the AML Act (in addition to general obligations in accordance with Section 11)

If UniFin ApS establishes a correspondent relationship that includes payment execution with a respondent from a country that is not a member of the EU or EEA, UniFin ApS will be obliged to:

  • obtain sufficient information about the respondent to understand what its business consists of;
  • assess the respondent’s reputation based on publicly available information;
  • assess the quality of supervision to which the respondent is subject in the country where it is located, for example, based on FATF, IMF or other organizations’ reports, or by contacting the respondent’s supervisory authority regarding its supervisory activities;
  • obtain sufficient information to ensure that the respondent has effective control procedures to comply with anti-money laundering and terrorist financing rules;
  • obtain approval from the AML officer;
  • document the responsibility of the correspondent and respondent for fulfilling the requirements of the AML Act.

15.3. Responsibility

UniFin ApS cannot be relieved of responsibility when receiving assistance from third parties and, consequently, is obliged to conduct KYC procedures independently, including obtaining data about the client in accordance with the AML/CTF Act.

UniFin ApS is also responsible for correctly conducting a risk assessment of its clients, including determining what the risk assessment requires in terms of knowing the client, monitoring the client, etc. in accordance with the AML/CTF Act.

If a client or group of clients is assessed by UniFin ApS as high-risk, then UniFin ApS must ensure that enhanced KYC procedures are conducted. In principle, it will be necessary to obtain additional sufficient data about such a client or group of clients.

UniFin ApS’s responsibility means that it must ensure sufficient knowledge about the third party that can guarantee the company that the performance of Section 11 (1), items 1-4 by the third party is effective. Thus, UniFin ApS must explain to the supervisory authority the adequacy of its knowledge of the client.

16. Record keeping

Reference to the AML Act: Section 30.

Reference to the 4th Money Laundering Directive: Articles 40-43.

Reference to the 5th Money Laundering Directive: Article 1 (1), nos. 25 and 26.

UniFin ApS will store the following information:

  • All information obtained as part of KYC procedures, including identification and identity verification data, as well as copies of presented identity documents.
  • Documentation and records of transactions conducted within the framework of business relationships or individual transactions.
  • Documents and registration data related to the obligation to conduct investigations and keep records.

UniFin ApS will store such information for at least 5 years after the end of business relationships, and for individual transactions - for at least 5 years after the completion of the transaction.

Since all data obtained during UniFin ApS’s KYC procedures must be saved, UniFin ApS will also store all information about the purpose and intended nature of business relationships, source of funds, etc., as well as data obtained by UniFin ApS for assessing client risks.

UniFin ApS will also store other important data, for example, information about the approval of business relationships with politically exposed persons (PEPs) and correspondent relationships.

If the client shared products or services with another client as part of their business relationships, for example, a joint account, and business relationships with the client are terminated, UniFin ApS will store the data for at least five years after the end of business relationships. Thus, the company is not obliged to store data on business relationships for more than five years after the end of business relationships with another client with whom the client shared products or services.

Deletion of personal data

Personal data held by UniFin ApS will be deleted 5 years after the end of business relationships or 5 years from the completion of an individual transaction. Relevant personal data will be deleted unless otherwise provided by other legislation.

Data on legal entities are not subject to the same requirements. Such data will be stored by UniFin ApS for a minimum of 5 years. After this period, the data can be deleted, but this is not mandatory. Data on natural persons, for example, beneficiaries of a legal entity, are considered personal data.

17. Freedom from liability

Reference to the AML Act: Section 37

Reference to the 4th Money Laundering Directive: Article 37.

Messages and information that UniFin ApS discloses in good faith to MLS in a report cannot be considered as a violation of the confidentiality obligation and, therefore, do not impose any liability on the company’s employees or management.

In this regard, UniFin ApS will act in good faith. Thus, UniFin ApS will not use this provision to, for example, suspend transactions if it is known that there are no circumstances subject to mandatory reporting.

18. Duty of confidentiality

Reference to the AML Act: Section 38 (1) and (8).

Reference to the 4th Money Laundering Directive: Article 39.

UniFin ApS, including its management and employees, will keep secret:

  • the fact of filing a report to MLS,
  • that the filing of a report is being considered,
  • that an investigation has been initiated, or
  • that an investigation will be initiated.

The duty of confidentiality covers only the information specified above. If UniFin ApS suspects that an employee of another company is laundering proceeds from, for example, misappropriation or abuse of trust in relation to the company, the duty of confidentiality cannot prevent UniFin ApS from informing the second company about the suspicion of misappropriation or abuse of trust.

Auditors or other persons performing or who have performed special tasks for UniFin ApS will be obliged to keep the information specified above secret.

UniFin ApS’s duty of confidentiality is indefinite. This means that even if the report does not lead to the client being charged with a criminal offense, UniFin ApS should not inform the client that a report was previously filed in relation to them.

UniFin ApS’s duty of confidentiality does not prevent lawyers, auditors, external accountants and tax consultants from advising their clients to refrain from illegal actions.

18.1. Exemptions to the duty of confidentiality

Upon request, UniFin ApS may disclose information that a report has been filed or is being considered for filing to authorities or organizations supervising compliance with the Anti-Money Laundering Act. Such bodies include the Danish Bar and Law Society, DBA, the Gaming Authority and FSA.

Information about reports can also be disclosed by UniFin ApS for law enforcement purposes. Law enforcement purposes include preventing, investigating, detecting and prosecuting criminal offenses, as well as protecting against and preventing threats to public security.

Disclosure of information by UniFin ApS between companies that are not part of the same group is possible under the following conditions:

  • that a report has been filed or is being considered for filing,
  • that an investigation has been initiated or will be initiated.

For the disclosure of information, UniFin ApS must meet three conditions:

  • the information must concern the same client and the same transaction,
  • the recipient of the information must be subject to measures to combat money laundering and terrorist financing that comply with the requirements of the Fourth Anti-Money Laundering Directive, and
  • the recipient is obliged to maintain confidentiality and protect personal data.

Part 4. Crypto activity of UniFin ApS, to which the provisions of this AML/CTF Policy apply.

1. Obligation to act honestly, fairly and professionally in the best interests of clients

UniFin ApS will act honestly, fairly and professionally in accordance with the best interests of its clients and potential clients.

UniFin ApS will provide its clients with information that is honest, clear and not misleading, including in marketing communications, which will be identified as such. UniFin ApS will not intentionally or negligently mislead the client regarding the real or perceived benefits of any crypto assets.

UniFin ApS will warn clients about the risks associated with transactions involving crypto assets. When managing a trading platform for crypto assets, exchanging crypto assets for cash or other crypto assets, providing advice on crypto assets or providing crypto asset portfolio management services, crypto asset service providers will provide their clients with hyperlinks to any technical documents on crypto assets for which they provide such services.

UniFin ApS will publish its pricing, expenses and fees policy prominently on its website.

2. Management mechanisms

UniFin ApS will make every effort to maintain a good reputation and possess the appropriate knowledge, skills and experience to perform its duties.

Shareholders and members of UniFin ApS, direct or indirect, having qualified holdings, will have a sufficiently good reputation and, in particular, will not be among those convicted of crimes related to money laundering or terrorist financing, or for any other crimes that may affect their good reputation.

In cases where the influence of shareholders or members of UniFin ApS, direct or indirect, having qualified holdings in the capital of the crypto asset service provider, may harm the reasonable and prudent. Management of UniFin ApS, the competent authorities will take appropriate measures to eliminate these risks.

UniFin ApS will adopt policies and procedures that are sufficiently effective to ensure compliance with the Regulations.

UniFin ApS will hire personnel with the knowledge, skills and experience necessary to perform the duties assigned to them, taking into account the scale, nature and range of crypto asset services provided.

UniFin ApS will evaluate and periodically review the effectiveness of political measures and procedures and take appropriate measures to address any shortcomings in this regard.

UniFin ApS will take all reasonable steps to ensure continuity and regularity in the performance of its services.

UniFin ApS will have the mechanisms, systems and procedures required by Regulation (EU) 2022/2554, as well as effective procedures and mechanisms for risk assessment, to comply with the provisions of national legislation transposing Directive (EU) 2015/849. UniFin ApS will monitor and regularly evaluate the adequacy and effectiveness of these mechanisms, systems and procedures, taking into account the scale, nature and range of crypto asset services provided and take appropriate measures to address any shortcomings in this regard.

UniFin ApS will have systems and procedures to protect the availability, authenticity, integrity and confidentiality of data in accordance with Regulation (EU) 2022/2554.

UniFin ApS will organize the keeping of records of all services, activities, orders and transactions that will be carried out. These records will be sufficient for the competent authorities to perform their supervisory tasks and take enforcement measures, in particular, to ascertain that UniFin ApS has fulfilled all obligations, including obligations towards clients or potential clients and to market integrity.

Such records will be made available to clients upon request and kept for five years, and in the case of a request from a competent authority before the expiration of five years - for seven years.

3. Information for competent authorities

UniFin ApS will promptly notify its competent authorities of any changes in the composition of its governing bodies before the commencement of activities by any new members, as well as provide its competent authorities with all necessary information to assess compliance with regulations.

4. Storage of crypto assets and client funds

UniFin ApS, owning crypto assets belonging to clients, or means of access to such crypto assets, will take appropriate measures to protect clients’ property rights, especially in the event of the insolvency of the crypto asset service provider, as well as to prevent the use of clients’ crypto assets in their own interests.

In cases where business models or crypto asset services require the storage of client funds other than electronic money tokens, UniFin ApS will have appropriate mechanisms to protect clients’ property rights and prevent the use of client funds in their own interests.

UniFin ApS will be able to independently or through a third party provide payment services related to the offered crypto asset service, provided that the crypto asset service provider itself or the third party is authorized to provide these services in accordance with Directive (EU) 2015/2366.

5. Ensuring the storage and administration of crypto assets on behalf of clients

UniFin ApS, providing services for the storage and administration of crypto assets on behalf of clients, will enter into agreements with its clients that specify their responsibilities and liabilities. Such agreements will include at least the following:

  • the identity of the parties to the agreement;
  • the nature of the crypto asset service provided and a description of this service;
  • custody policy;
  • means of communication between UniFin ApS and the client, including the client authentication system;
  • description of security systems used by UniFin ApS;
  • fees, costs and commissions charged by UniFin ApS;
  • applicable law.

UniFin ApS, providing services for the storage and administration of crypto assets on behalf of clients, will maintain a register of positions opened in the name of each client, corresponding to the rights of each client to crypto assets.

UniFin ApS, providing storage and administration of crypto assets on behalf of clients, will develop a custody policy with internal rules and procedures to ensure the safety or control of such crypto assets or means of access to crypto assets.

6. Operation of a trading platform for crypto assets

UniFin ApS, managing a trading platform for crypto assets, will establish, maintain and implement clear and transparent rules for the operation of the trading platform. These rules of operation will be able to:

  • establish approval processes, including customer due diligence requirements, proportionate to the risk of money laundering or terrorist financing presented by the applicant in accordance with Directive (EU) 2015/849, which are applied before admitting crypto assets to the trading platform;
  • define exclusion categories, if any, types of crypto assets that are not admitted to trading;
  • set out the policy, procedures and level of fees, if any, for admission to trading;
  • establish objective, non-discriminatory rules and proportionate criteria for participation in trading activities that promote fair and open access to the trading platform for clients wishing to trade;

  • establish non-discretionary rules and procedures to ensure fair and orderly trading, as well as objective criteria for the effective execution of orders;
  • establish conditions under which crypto assets remain available for trading, including liquidity thresholds and periodic disclosure requirements;
  • establish conditions under which trading in crypto assets may be suspended;
  • establish procedures to ensure effective settlements for both crypto assets and cash.

Before admitting a crypto asset to trading, UniFin ApS will ensure that the crypto asset complies with the rules of operation of the trading platform, and will assess the suitability of the relevant crypto asset. When assessing the suitability of a crypto asset, UniFin ApS will assess, in particular, the reliability of the technical solutions used and the potential connection with illegal or fraudulent activities, taking into account the experience, track record and reputation of the issuer of these crypto assets and its development team.

The rules of operation of the trading platform for crypto assets will prevent the admission to trading of crypto assets that have a built-in anonymization function, except in cases where the owners of these crypto assets and their transaction history can be identified by UniFin ApS.

The operational rules will be drawn up in the official language of the Member State of origin or in a language commonly used in the field of international finance.

UniFin ApS, managing a trading platform for crypto assets, will not conduct transactions on its own behalf on the trading platform for crypto assets that it manages.

UniFin ApS, managing a trading platform for crypto assets, will be able to participate in trading on an agreed principal basis only if the client has given consent to this process.

UniFin ApS, managing a trading platform for crypto assets, will have effective systems, procedures and mechanisms to ensure that its trading system:

  • is resilient;
  • has sufficient capacity to process peak volumes of orders and messages;
  • is able to ensure orderly trading under conditions of severe market stress;
  • has the ability to reject orders that exceed pre-established volume and price thresholds or are clearly erroneous;
  • is fully tested to ensure that the conditions are met;
  • is subject to effective business continuity measures to ensure continuity of services in the event of a failure of the trading system;
  • is able to prevent or detect market abuse;
  • is sufficiently robust to prevent its use for money laundering or terrorist financing purposes.

UniFin ApS, managing a trading platform for crypto assets, will inform its competent authority in the event of detecting cases of market abuse or attempts at market abuse occurring in their trading systems or through them.

UniFin ApS, managing a trading platform for crypto assets, will publish any bid and ask prices and the depth of trading interests at those prices that are advertised for crypto assets through the trading platform.

UniFin ApS, managing a trading platform for crypto assets, will publish the price, volume and time of transactions executed in relation to crypto assets traded on its trading platform.

UniFin ApS, managing a trading platform for crypto assets, will initiate final settlement for a crypto asset transaction in the distributed ledger within 24 hours of the execution of the transaction on the trading platform or, in the case of transactions settled outside the distributed ledger, no later than the close of the day.

UniFin ApS, managing a trading platform for crypto assets, will ensure that its fee structures are transparent, fair and non-discriminatory and that they do not create incentives to place, modify or cancel orders or to execute transactions.

UniFin ApS, managing a trading platform for crypto assets, will maintain resources and have backup capabilities to be able to report to its competent authority at any time.

UniFin ApS, managing a trading platform, will keep at the disposal of the competent authority for at least five years relevant data concerning all orders for crypto assets that are advertised through its systems, or provide the competent authority with access to the order book so that the competent authority can monitor trading activity.

7. Exchange of crypto assets for cash or other crypto assets

UniFin ApS, exchanging crypto assets for cash or other crypto assets, will establish a non-discriminatory commercial policy that, in particular, specifies the type of clients with whom they agree to conduct transactions.

UniFin ApS, exchanging crypto assets for cash or other crypto assets, will publish a firm price of crypto assets or a method for determining the price of crypto assets that it offers to exchange for cash or other crypto assets, as well as any applicable restrictions established in relation to the amount subject to exchange.

UniFin ApS, exchanging crypto assets for cash or other crypto assets, will execute client orders at the prices displayed at the time when the exchange order is final. UniFin ApS will inform its clients about the conditions under which their order is considered final.

UniFin ApS, exchanging crypto assets for cash or other crypto assets, will publish information about the transactions it has concluded, such as transaction volumes and prices.

8. Execution of orders for crypto assets on behalf of clients

UniFin ApS, executing orders for crypto assets on behalf of clients, will take all necessary steps to obtain the best possible result for its clients when executing orders, taking into account factors of price, costs, speed, likelihood of execution and settlement, size, nature, custody conditions of crypto assets or any other considerations relevant to the execution of the order.

To ensure compliance with paragraph 1, UniFin ApS, executing orders for crypto assets on behalf of clients, will establish and implement effective execution mechanisms. In particular, an order execution policy will be established and implemented to allow compliance with paragraph 1. The order execution policy will contain, among other things, provisions for ensuring prompt, fair and expeditious execution of client orders and preventing improper use by UniFin ApS employees of any information relating to client orders.

UniFin ApS, executing orders for crypto assets on behalf of clients, will provide its clients with appropriate and clear information about its order execution policy mentioned in paragraph 2, and any significant changes to it.

UniFin ApS, executing orders for crypto assets on behalf of clients, will be able to demonstrate to its clients upon their request that it has executed their orders in accordance with its order execution policy, and will be able to demonstrate to the competent authority upon its request its compliance with this article.

UniFin ApS, executing orders for crypto assets on behalf of clients, will monitor the effectiveness of its order execution arrangements and order execution policy with the aim of identifying and, if necessary, correcting any shortcomings in this regard.

9. Placement of crypto assets

UniFin ApS, placing crypto assets, will communicate the following information to the offeror, the person seeking admission to trading, or any third party acting on its behalf, before concluding an agreement with them:

  • the type of placement under consideration, including whether a minimum purchase amount is guaranteed or not;
  • an indication of the amount of transaction fees associated with the proposed placement;
  • the likely timing, process and price of the proposed transaction;
  • information about the target buyers.

10. Acceptance and transmission of orders for crypto assets on behalf of clients

UniFin ApS, receiving and transmitting orders for crypto assets on behalf of clients, will develop and implement procedures and arrangements to ensure prompt and proper transmission of client orders for execution on a trading platform for crypto assets or to another crypto asset service provider.

UniFin ApS, receiving and transmitting orders for crypto assets on behalf of clients, is not obliged to receive remuneration, discounts or non-monetary benefits in exchange for routing orders received from clients to a specific trading platform for crypto assets or another crypto asset service provider.

UniFin ApS, receiving and transmitting orders for crypto assets on behalf of clients, will not misuse information relating to pending client orders, and will take all reasonable measures to prevent misuse of such information by any of its employees.

11. Providing advice on crypto assets and ensuring crypto asset portfolio management

UniFin ApS, providing advice on crypto assets or ensuring crypto asset portfolio management, will assess whether crypto asset services or crypto assets are suitable for its clients or potential clients, taking into account the knowledge and experience of investing in crypto assets, its investment objectives, including risk tolerance, and its financial situation, including the ability to bear losses.

UniFin ApS, providing advice on crypto assets, will inform potential clients well in advance before providing advice on crypto assets whether the advice is:

  • provided on an independent basis;
  • based on a broad or more narrow analysis of different crypto assets, including the question of whether the recommendation is limited to crypto assets issued or offered by entities having close links with UniFin ApS or any other legal or economic relationships, such as contractual relationships, which may impair the independence of the advice provided.

UniFin ApS, providing crypto asset portfolio management, will provide its clients with periodic reports in electronic format on the portfolio management activities carried out on their behalf.

12. Providing crypto asset transfer services on behalf of clients

UniFin ApS, providing crypto asset transfer services on behalf of clients, will enter into an agreement with its clients that specifies their responsibilities and liabilities. Such an agreement will include at least the following:

  • the identity of the parties to the agreement;
  • description of the conditions for providing the transfer service;
  • description of the security systems used by UniFin ApS;
  • fees charged by UniFin ApS;
  • applicable law.

Socio-Economic Viability Project SOL LUCET OMNIBUS®

UniFin ApS

Copenhagen, Denmark

[email protected] https://unifin.finance

Copyright 2024 UniFin ApS, Socio-Economic Viability Project