ANTI-MONEY LAUNDERING (AML) POLICY
LOTUS INFORMATION TECHNOLOGIES LTD Last Updated: Monday, April 29, 2025
1. Purpose
This AML Policy outlines the commitment of LOTUS INFORMATION TECHNOLOGIES LTD ("the Company") to detect, prevent, and report money laundering and terrorism financing activities in accordance with the UK Money Laundering Regulations 2017, the Proceeds of Crime Act 2002, and guidance provided by the Financial Conduct Authority (FCA).
2. Scope
This policy applies to all products, services, customers, employees, and business operations of the Company, including the operation of our fintech platform and cryptocurrency wallet services.
3. AML Compliance Officer
We designate an AML Compliance Officer (MLRO) responsible for:
Overseeing the Company’s AML compliance program
Receiving and investigating internal suspicious activity reports (SARs)
Filing SARs with the National Crime Agency (NCA)
Training staff and reviewing AML policies regularly
4. Customer Due Diligence (CDD)
We implement risk-based CDD for all customers:
Standard CDD for regular users
Enhanced Due Diligence (EDD) for high-risk users, including:
Politically Exposed Persons (PEPs)
Users from high-risk jurisdictions
Transactions above defined thresholds
CDD Process includes:
Identity verification (name, address, DOB)
Document collection (passport, utility bills, etc.)
Liveness checks and biometric verification
Ongoing monitoring
5. Know Your Customer (KYC)
We collect and verify user data via reliable, independent sources. Our KYC checks include:
Name matching against global sanctions lists (e.g., OFAC, UN)
Proof of address
Source of funds and wealth when required
6. Ongoing Monitoring
We monitor customer transactions for:
Large or unusual transfers
Rapid movement of funds across wallets
Use of mixing services or privacy coins (e.g., Monero)
Layering or other suspicious behaviors
Flagged transactions are reviewed manually and may trigger a SAR.
7. Suspicious Activity Reporting (SAR)
If suspicious activity is identified, the AML Officer will:
Document the transaction details
Evaluate the suspicion internally
Submit a SAR to the NCA (UK) using the SAR Online system
Important: Staff are prohibited from "tipping off" the customer under UK law.
8. Record Keeping
We retain the following records for at least 5 years:
KYC documents and verifications
Transaction logs
SARs and internal communications
AML training records
9. Staff Training
All employees undergo mandatory AML training:
At onboarding
Annually
Whenever regulations or internal procedures change
10. Risk Assessment
We maintain a documented, risk-based approach that considers:
Customer type
Transaction type and size
Delivery channel (e.g., mobile app, web)
Jurisdiction
Our risk assessment framework is reviewed and updated periodically.
11. Independent Audit
We commission periodic, independent audits of our AML program to ensure compliance with UK laws and internal standards.
Last updated