AML/CTF legal and regulatory regimes for Alico (UK) Limited

What is this guide and why is it important?

This guidance is made to outlay the importance of complying with the law and defining Anti Money Laundering (AML), Counter Terrorist Finance (CTF) and Counter Fraud Procedures. It will also include a brief description of the policies and procedures. Sanction list and risk-based approach will be explained with examples of how money can be laundered and how to stop it.

This guide will helps us:

• Detect and prevent money laundering & terrorist financing.
• Identify suspicious activity;
• Comply with our local laws and other AML regulations.

The money laundering legislation in the UK

Under the Money Laundering and Terrorist Financing Regulations 2019 (MLRs), the company is obliged to provide all members of staff training on the law relating to money laundering/counter terrorist financing. We ensure that all our staff member have read the legislation so that they are aware of the potential criminal offences and the penalties. Where appropriate, HMRC guidance on the legislation is included to avoid confusion. Staff will be tested on their knowledge of the law as we are obliged to ensure that they are aware of it.

alicoexchange@hotmail.com

The regulations set against money laundering are:

• Proceeds of Crime Act 2002
• Terrorism Act 2000
• Criminal Finances Act 2017
• The Bribery Act 2010
  Note: more details regarding Bribery and Corruption are contained in the Manuals
• Terrorist Asset-Freezing etc. Act 2010
• Anti-terrorism, Crime and Security Act 2001
• Counter-Terrorism Act 2008, Schedule 7
• Counter-Terrorism Act 2008, Schedule 7
• Regulation (EU) 2015/847 on information accompanying transfers of funds (the Payments Regulation)
• Payment Service Regulations 2017
• Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 - hereafter referred to as the '2017 Regs'.
• Money Laundering and Terrorist Financing Regulations [Amendments] 2019 'The 2019 Regs'

Alico (UK) Limited responsibilities is to maintain with the regulations. Therefore, Alico (UK) Limited have appointed a Money Laundering Reporting Officer (MLRO) who will carry out regular audit on compliance with the regulations such as

• actively check adherence to the policies, controls, and procedures
• review of how effective they are
• recommend and carry out improvements

Key facts about Alico (UK) Limited

• A UK Registered Company with Head Office in London.
• Registered in companies house under04402104
• Supervised in UK by the Financial Conduct Authority, under the Payment Services Directive2017 (FRN: 535954).
• Registered with Data Protection
• Registered with HMRC MLR NumberXDML00000115193

To get in touch with our compliance officer please see below email address and our office

Director / MLRO Name: Mr. Qaisar Syed

Phone: +44 020 8470 9333

Email: alicoexchange@hotmail.com

Branches:

Alico UK Ltd currently has 4 branches and the senior management is committed to strictly monitor the compliance level of all branches with the policy and procedures of Alico UK Ltd. All Branches have been frequently visited by internal and external compliance officers on regular basis to ensure that the branches are complying with company's policy and procedures on anti-money laundering terrorist financing, fraud prevention, record keeping, and training.

1: Peckham
Unit 22, 137-139 Rye Lane Peckham London SE15 4ST Tel: 02072778598

2: East Ham
8 Station Parade, High Street North, East Ham E6 1JD

3: Southall
18B The Broadway, Southall UB1 IPS, T: 0205716661

4: Walthamstow
227 High Street, Walthamstow E17 7BH, T: 02085210999

Staff training and awareness

All employees are given the appropriate training and are responsible for reading the AML manual, understanding their responsibilities, and acting accordingly. Ensure that company procedures are followed and all documentary evidence is obtained as specified in the manual. Ensure that all suspicious events are reported to MLRO. This training is conducted by the Compliance Officer or the compliance Trainer.

Nominated Officers/MLROs, senior managers and others involved in ongoing monitoring of business relationships and other internal control procedures will need different training, tailored to their particular functions.

Staff training is necessary when staff join the business, move to a new job or when they change roles.

Alico (UK) Limited gives training its entire staff every 12 months as part of ongoing staff training, to make staff aware of changing behaviour and practices amongst money launderers and those financing terrorism.

Safeguarding

Alico (UK) Limited is well aware of its obligation of safeguarding of funds as stated within the Electronic Money Regulations 2011 (EMRs) and Payment Services Regulations 2017 (PSRs).

• The obligation to safeguard starts immediately on receipt of funds ('relevant funds').
• The purpose of safeguarding is to protect customers funds held by an institution. They do this by ensuring that those funds are either placed in a separate account from the institution's working capital and other funds, or are covered by an appropriate insurance policy or comparable guarantee.
• In case of the insolvency of an institution, claims of e-money holders or payment service users are paid from the asset pool formed from these funds in priority to all other creditors

How do we comply with duty?

The objective of the safeguarding rules is to consider what would happen to our client's funds in the unlikely event that our firm went into administration. When we receive funds in relation to a trade, the money is received into a client bank account. Those client accounts are not commingled with firm money and in the unlikely event of administration, no other creditors can have access to these funds. We conduct daily reconciliations to ensure that the client balances as per our internal records corresponds to the funds held in the client accounts.

Data protection

The data protection legislation, i.e. the data protection act 2018 and the general data protection regulation (GDPR) governs the processing of information relating to individuals, including obtaining, holding, use or disclosure of information.

Personal data obtained by a business under the regulations may only be processed for the prevention of money laundering and terrorist financing unless use of the data is allowed by other legislation or after obtaining the consent of the data subject.

Alico (UK) Limited has a Data Protection policy which covers that personal data will only be used for the purposes of preventing money laundering and terrorist financing and provide them with the information as required under article 13 of the GDPR.

Customer due diligence and transaction processing

Customer due diligence means taking steps to identify our customers and checking they are who they are by asking government issued photo document and an official document; such as passport, driving license, utility bill and bank statement. Other sources of customer information include the electoral register and information held by credit reference agency.

What is customer due diligence?

The meaning and application of customer due diligence is set out inFinancing (Amendment) Regulations 2019regulation 27 and paragraph 10 of Schedule 7 to the Counter Terrorism Act 2008.

These regulations require businesses to:

This regulation applies when a relevant person is required by regulation 27 to apply customer duediligence measures.

• The relevant person must identify the customer unless the identity of that customer is known to, and has been verified by, the relevant
• verify the customer's identity unless the customer's identity has already been verified by the relevant person; and
• assess, and where appropriate obtain information on, the purpose and intended nature of the business relationship or occasional

Beneficial ownership:

A business relationship exists where the company sets up a process with the customer which makes it easier for them to make regular transactions. It is our company policy that a business relationship exists in one of the following situations:

• a unique customer number is allocated and a customer registration form is completed
• a loyalty card is issued
• customers are able to deposit cash into the company bank account
• customers can make transactions by telephone or over the internet
• customers are offered credit facilities

In situations where a business relationship exists, there is an obligation to obtain a proof of ID, plus confirmation of purpose of transaction and source of funds. There is an obligation on the company to monitor all transactions carried out in the business relationship (see transaction monitoring).

We know how to identify the existence of any beneficial owners (the section on customer due diligencegives information on who is abeneficial owner). We verify the beneficial owner's identity so that we are satisfied that we know who the beneficial owner is. If it is a legal person we takereasonable measures to understand the ownership structure.

We will not have satisfied our obligation to identify, verify and understand the structure of a beneficial ownership if we rely solely on the information contained in a register of persons withsignificant control.

Where a customer is incorporated and in exceptional circumstances, where we have made unsuccessful attempts, and have exhausted all ways, to identify the beneficial owner of a corporate body we may treat the most senior person managing the customer as the beneficial owner. We will keep records of all the steps we have taken to identify the beneficial owner and why they have been unsuccessful.

Identifying all 'beneficial owners', where applicable, and taking adequate risk-based measures to verify their identity. This may be because we need to establish the ownership structure of a company, partnership or trust. The beneficial owner is the person who's behind the customer and who owns or controls the customer or it's the customer on whose behalf a transaction or activity is carried out.

If we have doubts about a customer's identity then we stop dealing with them until we are sure

• Obtaining information on the purpose and intended nature of the business relationship
• Conducting ongoing monitoring of the business relationship, to ensure transactions are consistent with what the business knows about the customer, and the risk assessment
• Retain records of these checks and update them when there are changes

Alico (UK) Limited do customer due diligence when:

• Establishing a business relationship with a customer
• Money laundering or terrorist financing is suspected
• When we suspect that information obtained for due diligence checks on a customer is not reliable
• When it's necessary for existing customers - for example if their circumstances change
• Carry out an 'occasional transaction' worth £10,000 or more

Occasional transaction

An occasional transaction is a transaction of (or the sterling equivalent) that is not part of an ongoingbusiness relationship. It also applies to a series of transactions totalling £10,000 or more, where thereappears to be a link between transactions (linked transactions).

Linked Transactions

It is company policy that transactions are 'linked' when the following criteria apply:

• The same sending customer has sent £10,000 or more in the last three months to the same receiving customer in a number of individual transactions
• Three sending customers or more are sending to the same receiving customer (or receiving address or receiving telephone number) AND the receiving customer or bank account has received more than £10,000 in last 3 three months
• A sending customer is sending funds on behalf of one or several
• In the event that 'linked' transactions are identified, they should be notified to the MLRO who will determine whether or not there are any suspicious circumstances which mean the transaction should be reported to NCA.

Non-compliance with customer due diligence

If we find that customer is not complying while performing the customer due diligence measures, then we do not: -

• Carry out a transaction with or for the customer
• Establish a business relationship or carry out an occasional transaction with the customer.
• Terminate any existing business relationship with the customer
• Consider making a suspicious activity report
• If no suspicious activity report is made, record the reasons why it is considered that a report is not required

Identifying Individuals

As part of our customer due diligence measures, we identify individuals. We obtain a private individual's full name, date of birth and residential address as a minimum. We verify these using current government issued documents with the customer's full name and photo, with a customer's date of birth or residential address such as: -

• A valid passport
• A valid photo card driving licence (full or provisional)
• A national identity cards
• Firearms certificate
• An identity card issued by the Electoral Office for Northern Ireland

When verifying the identity of a customer using the above list of government issued documents, we take a copy and keep it in the customer's file.

Where the customer doesn't have one of the above documents, we ask for the following: -

A government issued document (without a photo) which includes the customer's full name and also secondary evidence of the customer's address, for example an old-style driving licence or recent evidence of entitlement to state or local authority funded benefit such as housing benefit, council tax benefit, pension, tax credit.

Secondary evidence of the customer's address, not downloaded from the internet, for example a utility bill, bank, building society or credit union statement or a most recent mortgage statement.

If Alico (UK) Limited verify the customer's identity by documents, Alico (UK) Limited see the originals and not accept photocopies, nor accept downloads of bills, unless certified as described below: -

Photocopy's identity documents can be accepted as evidence provided that each copy document has an original certification by an appropriate person to confirm that it is a true copy and the person is who they say they are for standard customer due diligence an appropriate person is for example a bank, financial institution, solicitor or notary, independent professional person, a family doctor, chartered accountant, civil servant, or minister of religion.

Alico (UK) Limited check the documents to satisfy ourselves of the customer's identity. This may include checking: -

• Spellings
• Validity
• Photo likeness
• Whether addresses match

If a member of our staff has visited an individual at their home address. A record of their visit may corroborate the individual's residential address (instead of the need for a second document). This is covered in the risk assessment.

Where an agent, representative or any other person acts on behalf of the customer we ensure that they are authorised to do so, identify them and verify the identity using documents from a reliable and independent source.

Transaction monitoring

The number and volume of transactions going through the company will be monitored, together with scrutiny of transactions, according to risks parameters relating to

• Customers
• Products
• Delivery channels
• Geographical area of operation.

The MLRO reviews all the transactions which are being processed by each customer. This means the MLRO reviews on a daily, weekly and monthly basis whether the volume of transactions which is being processed by the customer is consistent with what was anticipated when the customer was registered, keep a watch out for a sudden increase in business from an existing customer, look out for uncharacteristic transactions which are not in keeping with the customer's known level of activity, lookout for peaks of activity at particular locations or at particular times, lookout for unfamiliar or untypical types of customer or transaction, lookout for transactions related to potential sanctions list matches or PEP's.

Know your customer (KYC)

KYC requirement are key aspects in Alico (UK) Limited relationships with its clients. The requirement to carry out customer due diligence and enhanced due diligence has given it an increased importance as it needs taking steps to identify our customers and checking they are who they say they are. KYC is a keystone in the fight against money laundering, serving to ensure our dealings are with genuine customers and organisations, and assisting in the identification of suspicious behaviour.

Obtaining the KYC information is only the first step to understanding with whom we are dealing. Alico (UK) Limited system is designed in a way that it continuously reviews the customer's data with Risk Based approach in mind and when its necessary system will automatically request additional information on that customer account. This is to enable us to know enough about the customer and it is reasonably satisfied that they are genuine and do not pose a significant money laundering risk. We therefore apply this policy with this objective in mind.

Customer Document Verification

Customer are advised to upload proof of identification when sending money such as Photo ID, Proof of identifications which will be accepted are the following

• Valid Signed Passport
• Valid Driving License
• Provisional License (UK ONLY)
• Residency Card
• Emergency Travel Documents
• Emergency/Temporary Passport

Please Note: Proof of identification is checked any expired documents or counterfeit papers will not be processed, please also be ensure that all Photo ID's and confidential documents are highly protected on our server.

Changes and modifications to client's details

Up-to-date information are kept of our customers so that we can:

• amend our risk assessment of a particular customer if their circumstances change
• carry out further due diligence measures if necessary

Changes of circumstance may include:

• a big change in the level or type of business activity
• a change in the ownership structure of a business

All customers are made aware that information is held for 5 years - random checks may be made on information supplied and if any details are incorrect, customers will be suspended from the system until the customer supplies the updated personal information. Our Staff particularly take care to make sure that customer ID information previously supplied is still valid (and that ID documents have not expired). Any customer address information provided is re-verified at least every twelve months.

When to accept or decline a transaction

It is company policy that a transaction are declined in the following circumstances:

• customer provides insufficient CDD information when required
• customer is unable to provide ID and proof of address when required
• customer is unable to provide proof of source of funds when requested

Enhanced Due Diligence (EDD)

Enhanced due diligence (EDD) is a KYC process that provides a greater level of scrutiny of potential business partnerships and highlights risk that cannot be detected by customer due diligence. EDD goes beyond CDD and looks to establish a higher level of identity assurance by obtaining the customer's identity and address, and evaluating the risk category of the customer.

Enhanced due diligence is specifically designed for dealing with high-risk or high-net worth customers and large transactions. Because these customers and transactions pose greater risks to the financial sector, they are heavily regulated and monitored in order to ensure that everything is on the up and up.

When to carry out enhanced due diligence

In some situations, we carry out 'enhanced due diligence'. These situations are:

• when the customer is not physically present when we carry out identification checks
• when we enter into a business relationship with a 'politically exposed person' - typically, a non-UK or domestic member of parliament, head of state or government, or government minister and their family members and known close associates
• when we enter into a transaction with a person from a high risk third country identified by the UK
• any other situation where there's a higher risk of money laundering
  The enhanced due diligence measures for customers who are not physically present and other higher risk situations include:
• obtaining further information to establish the customer's identity
• applying extra measures to check documents supplied by a credit or financial institution
• making sure that the first payment is made from an account that was opened with a credit institution in the customer's name
• finding out where funds have come from and what the purpose of the transaction is
  The enhanced due diligence measures when we deal with a politically exposed person are:
• making sure that only senior management gives approval for a new business relationship
• taking adequate measures to establish where the person's wealth and the funds involved in the business relationship come from
• carrying out stricter ongoing monitoring of the business relationship

Financial Sanctions

UK financial sanctions apply within the territory of the UK and to all UK persons, wherever we are in the world.

Alico (UK) Limited undertake activities within the UK's territory and would comply with the UK financial sanctions that are in force. Alico (UK) Limited is established under UK law, including our branches, also comply with UK financial sanctions that are in force, irrespective of where their activities take place.

ID System

After registration of clients, a unique ID number will be assigned. Clients are obliged to use their Unique ID Number in all communications and transactions with us for security purposes. The outcome is that we can assure that we only deal with the right person and prevent usage of client's account by others. Identity checks are done by asking security questions such as date of birth, postcode, and contact numbers.

These checks are strictly implemented before proceeding with the transaction.

Business Monitoring

It is the responsibility of the MLRO to monitor all the activity of the business with particular reference to the potential financial crime risk. The MLRO will keep a close eye on the following criteria and provide a report to senior management when required.

Alico (UK) Limited have set rules to prevent the system to prevent transactions and cause inconvenience to the clients:

• Initial limit of GBP 1 for incomplete KYC requirements
• Quarterly limit of GBP 5000 for the Sender requires declaration document to be completed
• Sender added more than 5 active beneficiaries
• Both sender and beneficiary names match with those names in the Sanctions List.

Monitoring customer activity helps to identify unusual activity. If unusual events cannot be rationallyexplained, they may involve money laundering or terrorist financing. Monitoring helps give greaterassurance that our company is not being used for the purposes of ML or TF.

Ongoing monitoring means first, scrutinizing transactions to ensure that the transactions are consistent with our knowledge of the customer and his or her normal activity and risk profile, and secondly ensuring that the documents, data or information that provide evidence of the customer's identity are kept up-to-date.

If, over time, a customer's cumulative value of transactions reaches £10,000, we review the customer's activity, and repeat the review with every further £5,000. This 'milestone review' involves assessing the customer's pattern of behaviour such as the amounts sent on each occasion and the frequency of sending.

Record Keeping

The records that Alico (UK) Limited, keeps:

• Copies of the evidence obtained of a customer's identity for five years after the end of the business relationship
• Details of customer transactions for five years from the date of the transaction
• Details of actions taken in respect of internal and external suspicion reports
• Details of information considered by the nominated officer in respect of an internal report, where the nominated officer does not make a suspicious activity report
• Copies of the evidence obtained if we are relied on by another person to carry out customer due diligence, for five years from the date of the agreement, the agreement will be in writing

We also maintain:

• a written record of our risk assessment
• a written record of our policies, controls, and procedure

Transaction and business relationship records (for example, account files, relevant business correspondence, daily log books, receipts, cheques, and so on) are maintained in a form from which a satisfactory audit trail may be compiled, and which may establish a financial profile of any suspect account or customer.

How long the customer due diligence records are kept?

We keep records of customer due diligence checks and businesstransactions:

• for 5 years after the end of the business relationship
• for 5 years from the date an occasional transaction was completed
• We also keep supporting records for 5 years after the end of a business relationship
• We keep records from closed branches or agents

The records are reviewed periodically to ensure, for example, that a fresh copy documents is held.

Our risk assessment and policies, controls and procedures are kept up to date and be amended to reflect any changes in our business.