Compliance & Risk Manual GCBIB
Version 2.0 Date 1.3.2020
GCBIB Asset Management
Compliance & Risk Management
GCBIB ASSET MANAGEMENT OÜ, sees adherence to Anti Money Laundering (AML) and Know Your Customer (KYC) regulations as fundamental to its business. At GCBIB ASSET MANAGEMENT OÜ, we consider meeting the standards of the regulator a competitive advantage.
Global penetration is presently under 2%. A major reason for this is the unease amongst potential clients that it is illegal, could be abused in the Darkweb and for terrorist financing. GCBIB ASSET MANAGEMENT OÜ sees a huge advantage in making the GCBIB ASSET MANAGEMENT OÜ accessible to the much larger 98% of the global population, by:
Our compliance and Risk Management processes will be aligned along the following structure:
GCBIB ASSET MANAGEMENT OÜ will regularly update the measures and checks detailed in the following sections, in order to be compliant and deliver added value on an ongoing basis to our clients.
External data sources for these controls will be consulted, updated and reviewed on an ongoing basis to make sure all systems are up to date.
A - Client Onboarding
To access our platform / services, all potential clients have to register. Without registration, none of our services, internal pages, products etc. are accessible to users. GCBIB ASSET MANAGEMENT OÜ cannot be bought, sold or transferred without being duly registered on our platform.
A1 - Registration and Capturing KYC data
Clients can register for our products and services at our website GCBIB Asset Management OÜ.net
The following information will be required in order for natural persons to register for our products and services:
Date of Birth
Source of Income
Registered Bank Account
The following information will be required for the legal entities:
Company Identification document
Registered Bank Account
Information on natural Person (as in natural person above) who establishes the relationship for the legal entity
A2 – Identity Verification
The verification of the client’s identity is compliant with the regulations. The following guidelines will be adhered to:
Obtaining an electronic copy of the official identification document (Passport or Id) of the applicant
Use of suitable technical aids for reading and decrypting the information in the machine-readable zone (MRZ) on the identification document
Verification of the identity of the applicant party by means of a TAN
Transfer of funds from an account or credit card belonging to the applicant
Verification of the place of residence by means of utility bill, postal delivery or public / trustworthy register
All captured KYC and identity data will be stored and protected based on our privacy rules and would be available for audit purposes to regulators.
A3 – Setup of Client Relationship
The following check will be carried out based on the information gathered in A1 & A2:
The domicile of the applicants will be checked against a list of countries that are permitted to register on our platform and clients that do not meet these requirements will not be on-boarded. Applicants domiciled in any of the following countries on the UN embargos list will not be on-boarded on our platform:
Applicants from high risk countries, will be on-boarded, but subjected to enhanced due diligence.
Applicants stating that they are working in the following sensitive areas will not be on-boarded on our platform:
All applicants will be checked against globally accepted data on political exposure and tagged as such. All PEP’s will be placed on our enhanced due diligence list and monitored regularly.
All applicants who pass these checks, will be confirmed by the AMLA and a relationship will be opened with them. They will receive an email to their indicated email address, with an email verification link. They will receive an sms to their indicated phone number, with an OTP verification code. Once the email and the phone number is verified, the account will become active and the client will receive an initial password to login to the platform. Clients will be required to change their passwords after the first login.
Clients would have the possibility of updating their personal data in the platform on an ongoing basis, and this will always trigger a review of the relationship.
An annual review of each client’s KYC data will be conducted to ensure that KYC data are up to date.
B – Transaction Monitoring
GCBIB ASSET MANAGEMENT OÜ in line with the AML guidelines will monitor on an ongoing basis, all transactions on its platform. Considering that we have a blockchain solution, all transactions – buy, sell and transfer of GCBIB ASSET MANAGEMENT OÜ are written on the blockchain and cannot be changed or deleted. This creates a transaction history of each client’s interaction from the first time they register on the platform.
B1 – AML Monitoring
In order to guard against any form of money laundering, the following measures are in place for all clients on our platform:
Inflows – Inflows by clients for the purchase of GCBIB ASSET MANAGEMENT OÜ or other transactions are only accepted via Bank transfer from an account of the client that is registered in the system, via registered credit cards or PayPal accounts. All other inflows will trigger enhanced due diligence.
Plausibility checks – checks will be made where the data, pattern or amounts received from clients do not match their KYC profiles. This would include users who login from countries other than the domicile declared in the KYC (check of IP addresses), mismatch in income and transaction volume, and other transaction behaviors that lead to suspicion will automatically trigger an enhanced due diligence.
Transaction volume – All clients have an annual transaction volume of Euro 10’000. Once this volume is reached, additional purchases will trigger enhanced due diligence
B2 – Threshold Checks
In order to guard against any form of money laundering, the following threshold check will be performed for all clients on our platform:
Transaction Volume – There is a threshold of Euro 10’000 on all accounts. Once this is breached enhance due diligence is triggered.
Transaction frequency – Ongoing monitoring of the number of transactions a user is making. All trades will be documented, but as long as it stays within the Euro 10’000 limit, it will be accepted. Else, enhanced due diligence will be triggered.
Risk Countries - Clients from high risk countries have a lower threshold of Euro 5’000. Once breached, enhanced due diligence will be triggered.
C – Enhance Due Diligence (EDD)
GCBIB ASSET MANAGEMENT OÜ realizes that in order to have proper risk mitigation, there will be borderline cases that require actual human intervention and decision. Our EDD process is meant to capture all borderline cases, EDD triggers and any other unforeseen situations that our processes do not cover.
All EDD cases must follow a 4-eyes principle. Cases will be dealt with by customer services’ personnel and referred to AMLA (Risk Officer) for the final decision and approval. The AMLA if unsure, can refer the case to the BoD for final decision.
All EDD cases have to be properly documented and flagged in the system. The following are to be captured:
Documentation of EDD Trigger
Analysis of case by Customer Service
Recommendation of Customer Service
Decision and approval by AMLA
Next review (if required)
Depending on the trigger, various measures need to be taken in order to validate whether the client is in violation with AML or other regulations. The following measures amongst others could be applied in order to create transparency and decisions:
Plausibility check of trigger against KYC and client history
Review of KYC
Contacting client and asking for evidence or additional documentation
Phone call to client in case there is doubt regarding domicile
Require client to send bank statement
Require client to send employment contract
Call client to validate reasons for transaction or divergence in transaction pattern
Place IP address on watch list
Place Account on watch list
Where a client is proven to be circumventing or breaching AML or KYC regulations, the following measure shall be taken: