Term
1. Introduction

1.1. Please read this KYC/AML Policy carefully before using the www.finstream.org website, APIs, or mobile applications. You are required to read and understand it before using the Services. If you are in any doubt about any of the contents of this document, you should obtain independent professional advice.
1.2. OUR SERVICES ARE NOT BEING OFFERED TO ANY RESIDENT OF OR ANY PERSON LOCATED OR DOMICILED IN THE RESTRICTED JURISDICTIONS AS DEFINED HEREIN AS WELL AS ANY REGION OR ANY COUNTRY OR TERRITORY THAT IS SUBJECT OF COUNTRY-WIDE OR TERRITORY-WIDE SANCTIONS.
1.3. Agreement with this KYC/AML Policy. By accessing, browsing, and using our Website through whatever platform and/or by completing an Account registration, you acknowledge and agree to have read, understood, and agreed to this KYC/AML Policy set out below. If you do not accept this KYC/AML Policy, you shall not use the Services.
1.4. Best Effort. As a responsible and liable member of the crypto community, we put all possible efforts in place to protect our Users and maintain our impeccable reputation when it comes to AML/CTF and international financial sanctions measures.
1.5. Internal KYC/AML Policy. This document is a short public version of our Internal KYC/AML Policy to give our Users a brief understanding of the mechanisms we use to comply with the above-mentioned regulations and different sanction regimes in order to prevent people engaged in ML/TF, fraud, and other illicit activities from using our Services. It is the policy of Finstream to prohibit and actively prevent money laundering and any activity that facilitates money laundering or the financing of terrorist or criminal activities. We will comply with all applicable requirements and regulations. Money laundering is generally defined as engaging in acts designed to conceal or disguise the true origins of criminally derived proceeds so that the proceeds appear to have derived from legitimate origins or constitute legitimate assets. Finstream has a zero-tolerance policy for money laundering activities. Our AML/CFT policies, procedures, and internal controls are designed to ensure compliance with all applicable regulations and will be reviewed and updated on a regular basis to ensure appropriate policies, procedures, and internal controls are in place to account for both changes in regulations and changes in our business.
1.6. Purposes. This AML Policy aims to prevent the use of Finstream’s services by criminal entities for the purposes of money laundering, financing of terrorism, fraud, corruption, or any other criminal activity. To this end, the company has established a strict money laundering detection and prevention policy. Also, to counter money laundering, the company has implemented a sophisticated electronic customer verification system and introduced detailed statistics logging for all customer transactions. Furthermore, Finstream, under no circumstances, accepts cash from or pays cash to its customers. The company reserves the right to suspend any transaction of its customer that may be considered illegal or, in Finstream employees’ opinion, may be related to money laundering.
1.7. Regulatory Framework. The principal requirements, obligations and penalties, on which Finstream AML policy is based, are contained in:
⎯ Requirements and procedure for identification of persons and verification of person’s identity data with information technology means;
⎯ International Sanctions Act;
⎯ Directive 2015/849/EU of the European Parliament and of the Council of 20th May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, as amended by Directive 2018/843 of the European Parliament and of the Council of 30th May 2018;
⎯ Revised Wire Transfer Regulation (EU) 2015/847;
⎯ Revised FATF Recommendations;
⎯ BCBS Guidelines: Sound management of risks related to money laundering and financing of terrorism;
⎯ the Wolfsberg Statement Guidance on a

2. Amendments to this policy

2.1. We reserve the right to update this KYC/AML Policy at any time with immediate effect by publishing the updated KYC/AML Policy on the Website. All such changes will take effect once they have been posted on the Website and you will be deemed to have accepted any such changes by using the Website and the Services from such time, or, where possible, giving notice to you by email to your last known email address, such notice to be effective immediately.
2.2. If You Do Not Agree with the KYC/AML Policy. It is important that you review this KYC/AML Policy on a regular basis to ensure that you are familiar with the terms in force from time to time and/or any changes made to them. If you do not agree to any amendments, you must discontinue using our Services and contact us to cancel your Account.

3. Policies and controls

3.1. We have implemented measures, which protect and prevent us and our Users from involvement in money laundering and terrorist financing activities, sanctions programs, fraud and other illicit activities by:
⎯ Establishing and maintaining risk-based CDD, identification and verification procedures including KYC procedures;
⎯ Establishing and performing risk-based approach to the assessment and management of money laundering and terrorist financing risks faced by us and our Users;
⎯ Providing ongoing transactions monitoring and suspicious transactions analysis and reporting internally and to the relevant authorities;
⎯ Maintaining appropriate records;
⎯ Providing AML/CFT training for and raising awareness among all relevant employees.
3.2. We have a designated Money Laundering Reporting Officer (Nominated Officer) (“MLRO”). The MLRO has full responsibility for our AML/CFT program. The duties of the MLRO will include monitoring our compliance with AML/CFT obligations, overseeing communication and training for employees and overseeing software modifications to ensure they comply with AML/CFT obligations. The MLRO will also ensure that we keep and maintain all of the required AML/CFT records.

4. User identification and verification (KYC and CDD) ⎯ Full name;
⎯ Date of birth;
⎯ Country of residence and residential address;
⎯ Phone number, which Finstream will send test message or call to verify the identity;
⎯ Email with which account is registered. This is followed by verification of the customer’s phone number in all kinds of databases, such as yellow/white pages;
⎯ Verified proof of ID (Color copy of Passport, or National ID, or International Driving License) & Verified proof of residence (Utility Bill, Bank Statement with transactions, Bank reference letter no more than 3 months old) and a selfie taken live during verification procedure.

4.1. General. The objective of KYC and CDD is to identify Users and verify their identity. We may ask you either at the time of registering as a User or upon execution of any transactions while requesting access to different Services or periodically for purposes of updating records and ongoing CDD and procedures to provide ID Information and certain documents.
4.2. Information and Documents Required for Services access. In order to use the Services provided by the Company you will need to register an Account and, where necessary, perform KYC procedures, so you will be required to provide certain ID Information and documents.
4.3. KYC - identification and verification of new customers, deposits, transfers and withdrawals. In order to verify the account (confirm the customers’ identity), the user must provide the following information:
4.4. Third-Party Authentication. As a part of the verification process, Finstream reserves the right to request one or more appropriate third-party service providers to assist us in authentication and/or verification of the valid documents and other incidental details provided by you.
4.5. Finstream will perform AML checks within the following, but not limited to, databases: the Office of Foreign Assets Control (OFAC), European Union sanctions (EU), United Nations sanctions (UN).
4.6. Finstream will be monitoring customer transactions on a daily basis in real-time for risk within abovementioned databases. Furthermore, all existing clients will be screened against the updated databases every day.
4.8. If a potential or existing customer either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, we will deactivate the account and, after considering the risks involved, consider closing any existing account. In either case, our MLRO will be notified so that we can determine whether we should report the situation to the authorities.
4.11. Based on the risk, and to the extent reasonable and practicable, we will ensure that we have a reasonable belief that we know the true identity of our customers by using risk-based procedures to verify and document the accuracy of the information we get about our customers, but in any case complying with the statutory requirements. The MLRO will analyze the information we obtain to determine whether the information is sufficient to form a reasonable belief that we know the true identity of the customer (e.g., whether the information is logical or contains inconsistencies). We will verify customer identity through documentary means, non-documentary means or both.
4.12. Enhanced KYC/CDD. In addition to standard KYC/CDD procedures we also reserve the right to apply additional KYC/CDD measures set forth in this KYC/AML Policy when:
⎯ τηερε ισ α συσπιχιον οφ ΜΛ/ΤΦ, ρεγαρδλεσσ οφ ανψ δερογατιον, εξεμπτιον ορ τηρεσηολδ;
⎯ there are doubts about the veracity or adequacy of previously obtained ID Information and documents;
⎯ new ID Information or documents has been provided by you;
⎯ higher than average risk or substantial transactions volumes are observed on your Account.
4.13. Right to Request Additional Documents. We reserve a right to request any additional documents, including but not limited to, verification of the source of funds involved in the transaction, and/or information to complete the Account registration or to complete a pending transaction as we deem necessary, as well as to refuse registration or transaction processing altogether as a result of the KYC and CDD procedures. Such refusals and requests are done via email or push-notifications and do not need to be justified or explained by us in any manner.
4.14. We will monitor account activity for unusual size, volume, pattern or type of transactions, taking into account risk factors and red flags that are appropriate to our business. The MLRO or his or her designee will be responsible for this monitoring, will review any activity that our monitoring system detects, will determine whether any additional steps are required, will document when and how this monitoring is carried out, and will report suspicious activities to the appropriate authorities. The MLRO or his or her designee will conduct an appropriate investigation and review relevant information from internal or third-party sources before the authorities are notified. We monitor possible insufficient or suspicious information provided by the customer, particularly when the customer:
⎯ Provides unusual or suspicious identification documents that cannot be readily verified;
⎯ Reluctant to provide complete information about nature and purpose of transaction, anticipated account activity etc;
⎯ Refuses to identify a legitimate source for funds or information is false, misleading or substantially incorrect;
⎯ Background is questionable or differs from expectations based on business activities.
⎯ at any time you obtain a new ID document or renew the previous one;
⎯ at any time the you change personal identity number (if applicable);
⎯ at any time you change your name or surname;
⎯ at any time you change phone number, email address or residential address. In the course of using our Services you will also be asked to update your ID Information:
⎯ For Low and Medium Risk Profile Users once every 12 months;
⎯ For High Risk Profile Users once every 6 months.
4.15. Information Update. For the purposes of the implementation of this KYC/AML Policy and ML/TF risk mitigation and to ensure that the information that we hold on you is always accurate and up to date you shall provide us with updated ID Information and applicable documents in order to continue using our Services in any of the following cases:
4.16. Data Protection. We do our best to protect your ID Information and provide documents in accordance with the applicable laws and regulations. For further information about our rules on privacy please refer our Privacy Policy at https://Finstream.com/terms

5. Risk consideration

5.1. Risk-Based Approach. In conducting KYC/CDD and ongoing monitoring we implement a risk-based approach, meaning that the standards of due diligence, filtering and monitoring vary in view of the specific risks a (prospective) User may pose. This approach allows for the possibility to use different measures and controls in different situations and risk levels, depending on: the users, their background, their transaction activities, the source and nature of funds, and the geographies involved.
5.2. We will conduct our KYC/CDD and activities monitoring based on a risk-based approach:
⎯ for Users, determined by us to present medium risk of ML/TF, standard KYC/CDD measures set forth in this policy shall apply;
⎯ for some users, determined by us to present a low risk of ML/TF, simplified KYC/CDD and monitoring may be applied;
⎯ in the case of high risk profile enhanced KYC/ CDD measures (including but not limited to additional verification details or proof of sources of funds, additional information on the nature of the transaction) and enhanced monitoring will be applied.


6. Detection of suspicious transactions and reporting requirements

6.1. Determining Suspicious Transactions. We reserve the right to apply this KYC/AML Policy, Terms of Use and other operating rules, and internal controls to mitigate ML/TF risks by monitoring your transactions for suspicious activity. We may use manual screening or software-based solutions to determine whether a transaction is deemed to be suspicious according to local and/or applicable international legislation, official guidelines, industry best practices, or our internal policies.
6.2.We reserve the right to take appropriate action, including, but not limited to informing relevant competent or law enforcement authorities about identified suspicious transactions in accordance with local regulation without any prior notification to you.

7. Retention and record keeping

7.1. For the purpose of preventing, detecting and investigating unusual and suspicious transactions, we reserve the right to keep electronic records of all transactions and due diligence measures carried out in accordance with GDPR, validAML/CFT regulations, KYC/AML Policy, subject always to the provisions of our Privacy Policy.

8. Your responsibilities

8.1. You shall:
⎯ comply with any requirements of applicable law, including international, regulating AML and combating TF standards;
⎯ avoid conducting illegal financial activities and any other illegal transactions using our Services;
⎯ guarantee lawful source and your legal right to control the fiat and virtual currency on your Account balance.
8.2. Suspension, Limitation and Cancelation due to Incomplete Verification. We reserve the right to limit, suspend or cancel the Account to Users, who have not verified their identity or set up a necessary level of security of Account, or to ask such User to complete verification procedure once again.
8.3. Suspension, Limitation and Cancelation due to Failure to Comply with this KYC/AML Policy. Should the User fail to comply with the requirements set out by this KYC/AML Policy on any stage of the User identification process and/or further CDD screenings we will exercise our right to limit, suspend, or cancel User’s Account or access to the Services for such User. We will normally give a notice of any limitation, suspension, or cancellation of the Account but it may, if it is reasonable to do so (for example we consider it advisable for security reasons), limit, suspend or cancel the Account without any prior notice to User. We also reserve the right to decline any pending transactions requested by the User and to investigate transactions of doubtful nature and inform relevant competent or law enforcement authorities regarding the suspicious activities of any User.
© 2022 Finstream OÜ. License FVT000153 issued by the Estonian Police and Border Guard Board.
All right reserved, 18+
Customer services
Company address
Made on
Tilda