RULES OF INTERNAL CONTROL REGARDING PREVENTION OF MONEY LAUNDERING AND
FINANCING OF TERRORISM (‘AML Policy’)
The current AML policy has been developed in accordance with the
applicable legislation of the Republic of Estonia, i.e. the
requirements of §14 (‘Rules
of procedure and internal control rules’) of Money Laundering
and Terrorist Financing Prevention Act.
The AML policy is a set of internal rules and regulations that is
used by the Company in order to check and reveal documentation and
information regarding its operation that is under obligatory control,
and other operations with money or property that may be in any way
connected to money legalisation (money laundering) or finance of
terrorism, and the provision of such information to the state
The AML policy is a document that:
Regulates the organisation of activity regarding the prevention of
legalisation of illegally obtained funds (money laundering) and the
financing of terrorism;
Sets the obligations and obligatory procedures for the employees
regarding internal control;
Sets the terms for the fulfilment of obligations by the employees and
sets the authorized control persons.
The AML policy contains further programs:
A program for the overview of internal control methods;
A program for the implementation of internal control methods;
Client and persons associated with client’s identification
A risk analysis program;
A program for the regulation of commercial relations with clients;
A program for the regulation obligatory actions in case there are
suspicions of money laundering;
A correspondence exchange program;
An information documentation program;
A transaction refusal program;
An employee preparation program;
An internal control program;
A document maintenance program regarding documentation that was
obtained during the execution of the internal control program.
The company is providing the cryptocurrency and cryptocurrency wallet
The person responsible for the accurate implementation of the present
policy is named by the company management board in accordance with
the articles of association and applicable legislation.
Organizational basis for the control methods
The person responsible for the implementation of the provisions in
the present document is appointed by the written order of the
management board of the company.
In order to adequately implement the current policy, considering the
volume of clients and associated risk levels, the company has formed
a separate group, including a member of the board, the head
accountant and the head of the legal department.
All subsidiaries and structural parts are accountable before the
authorized group in the field of suspicious transactions. All matters
regarding initial client identification are handled by the
corresponding structural parts of the company.
A company official is named as the contact person between
TR3ZORDIGITAL OÜ and the Financial inspection of Estonia. The
contact person must have the required knowledge and skills to carry
out his obligation and the present policy. The contact person shall
only be accountable before a member of the board and will perform the
to the financial inspection of any data regarding clients, their
associated persons, and transactions, which may be connected to
Implementation of control methods
Control methods are used in the following areas:
any case when the sum of the transaction exceeds 6400 EUR or an
equivalent in any other currency;
there is any doubt that the provided data is accurate;
the planned transaction is needlessly complex;
Additional control methods are implemented in the event that the
Client changes the conditions of the transaction, increasing the risk
Additional methods for the control of a suspicious transaction:
Client and their associated persons identification program
The initial identification of the client is made on the basis of the
provided client identification document.
Regarding the physical persons the following is confirmed:
During identification, the documents are checked for accuracy of the
information provided and the following is confirmed:
there be any doubt regarding the document, the state authorities that
issued the document may be contacted in order to obtain the necessary
Should the Client present an ID, a copy is made, the quality of which
allows to review the data contained in the document.
When the identity of a physical person is confirmed it is also
confirmed whether he is a state official;
state official is a person who has a state appointed position in any
country of the European Union or any other country or who holds a
position in an International organisation. Further data regarding the
state officials to be gathered:
Only official sources may be used to check the provided information,
such as state registries or foreign representatives. Other sources
may be used if there is no doubt regarding their accuracy and
Trustworthy Client recommendation does not replace the proper review
Identification of a physical person that acts as a representative is
made in accordance with the provisions of this policy.
Identification of a physical person is not a one-time procedure. The
information regarding the physical person should be checked
constantly and updated when necessary.
Should there be any doubt, the actual beneficiary must be revealed –
a person that actually controls the legal person and receives profit
The following information must be obtained during the registration of
a legal person:
Regarding the legal persons the following information is gathered:
The review of information is made by the use of public registries and
databases or by sending inquiries to the state authorities.
Certificate from a registry may be replaced by an authorised access
to the registry.
All documents issued by foreign state authorities must be legalised
or have an apostille, except the documents from Latvia, Lithuania,
Poland, Russia, or Ukraine. The present provision may be amended if
Estonia signs and ratifies an international agreement with other
states that will make the apostille unnecessary.
The control of the legal entity management board or another similar
control organ must also be carried out regarding their connection to
state officials, also regarding beneficiaries and their
representatives. Should the information provided by the Client not be
trustworthy enough, the information may be reviewed by the means of
an inquiry to state officials or international organisations.
All the provided information is gathered and carefully studied to
reveal whether the company has any subsidiaries, representatives or
is in any way connected to countries that do not cooperate in the
field of international opposition to money laundering and finance of
terrorism, or if those states are considered to be low tax
If the legal entity is an international organisation, then its field
of activity must be confirmed by the provisions of documentation
regarding activities in Estonia. The information in the documents
must be checked.
If the legal entity acts as a representative of another entity, then
the information of that other entity must also be gathered in
accordance with this policy.
Only an authorised legal representative may register a legal entity
on the website of TR3ZORDIGITAL OÜ. The authorised
representative must provide sufficient documentation proving his
authority to represent the legal person. Should the provided
documents fail to provide the required information or if there is any
doubt regarding their accuracy, no commercial relationship may be
initiated and the account may be blocked. The document proving the
authority must contain further information:
Any transaction with the legal person requires the registration of
the current beneficiary.
Should a person have more than one beneficiary, then all other
beneficiaries must also be registered.
Should it prove impossible to clarify the beneficiaries of the
company, all owners of the company must be confirmed and sufficient
explanation must be provided by the Client.
Special care should be taken when confirming the actual beneficiary
if the planned transaction may in any way be connected to the
increase of the risk due to the field of activity of the legal
person, state of registration, type of provided services and nature
of the transaction, and also if the legal person is registered or
connected to a low tax jurisdiction.
A non-resident legal person must abide by the same identification
process outlined above. TR3ZORDIGITAL OÜ has the right to deny
any transaction if the legal person is a resident of a country whose
legislation violates the provisions of this AML policy.
Should the risk of the transaction be considered low or should there
be reasons to consider the risk of commercial relations low, a
simplified control method of client identification may be used, by
checking the data through the publically available databases that can
be considered trustworthy. Aside from the low risk level that was
given under the risk analysis following the provisions of part 5 of
this Document, additional reasons to consider the transaction to be
low risk are the following:
of the simplified control method does not free the company from the
obligation to make sure that the transaction is transparent.
Should the risk of the transaction be considered high or should there
be reasons to consider the risk of commercial relations high, a
higher-level control method of client identification should be used,
by requesting the client to provide additional information and
documents that can rule out the risk. Information is also to be
provided to the financial inspection of Estonia to get more
instructions. Aside from the high-risk level that was given under the
risk analysis following the provisions of part 5 of this Document,
additional reasons to consider the transaction to be high risk are
circumstances for the transactions;
client operates with high volumes of cash;
legal person client has hidden owners or recipient type shares;
structure of the legal person is too complex and confusing;
or unknown goods are the subject of the transaction and transaction
specifics are unusual;
transaction is made for anonymity purposes;
third parties make payments following the transaction;
Any Client and his planned transaction are evaluated regarding the
risk factor of money laundering and finance of terrorism.
During the risk evaluation the Client is given the risk status, from
lowest to highest, by the means of evaluating further risk factors:
corporate structure and field of activity;
the Client is a state official or is connected to one;
the Client is represented by a legal person;
the beneficiary of a physical person is a third party;
are problems identifying the beneficiary;
Client is connected to low tax jurisdictions;
Client is subject to international sanctions;
Client is a typical client;
is positive experience of cooperation with the Client;
of the planned transaction;
of the transaction;
the Clients are stable or constantly shifting;
during identification procedures;
The nature of the transaction must be evaluated to set the risk
The transaction may be awarded with a low, medium or high-risk status
depending on the following factors:
Geographical circumstances are to be evaluated (to determine a
The transaction may be awarded with a low, medium or high-risk status
depending on the following geographical actors:
transaction involves a state that does not cooperate in the field of
money laundering prevention and finance of terrorism;
transaction involves a state with a high crime rate or trafficking
Along with the risks connected to the Client, risks regarding his
partners or associated persons are also evaluated.
The risk evaluation is performed by giving each risk group a status
on a three-point scale:
is considered low if no category has a risk factor and the
transaction is clear;
is considered medium if there are risk factors, but the transaction
itself is clear, though there are suspicions that all of the risk
factors together may indicate money laundering or finance of
result is achieved by adding the factor of each category, whereas
risks regarding client and partner is multiplied by two and then the
whole sum is divided by a factor of 4.
Commercial relationship with the Client
Any commercial relationship with the Client is initiated only after
the Client agreed to act in accordance with the present AML policy.
Before the start of commercial relationship the following must be
information is kept in a written form.
Should there be a representative between a physical or legal person,
the company is to ensure that there is actual contact between the
client and the representative.
in case of suspicions regarding money laundering and obligation to
Should there be any suspicion before the initiation of commercial
relationship or during the use of control methods, that the
transactions may be connected to money laundering or finance of
terrorism, further cooperation is impossible.
Any suspicions are registered and analysed by the contact person. The
Anti Money Laundering Bureau of Estonia and the Financial inspection
of Estonia must be notified immediately of the results of the
All information regarding any transactions that is 32000 EUR or
higher must be provided to the Anti Money Laundering Bureau of
Estonia and the Financial Inspection of Estonia.
Should the denial to perform the transaction result in damages to the
Client or the arrest of a person suspected in money laundering or
terrorism, the transaction may be delayed or performed on the
condition that the Financial Inspection is informed without delay.
All the information provided to the Financial Inspection is kept in
an archive in accordance with provision 13 of the present document,
including the data analysis results.
Persons suspected of money laundering or the finance of terrorism
should not be provided any information regarding the suspicions or
notified of them by any other means.
Should it be deemed by the management to be necessary to implement
the control method, a correspondence exchange with third parties may
be initiated, including banks and other financial institutions,
should that allow to gather more accurate information.
The correspondence exchange must be drawn up in the form of a two-way
agreement, including the control methods used.
There can be no correspondence exchange with shadow banks, unlicensed
organizations or with organizations situated in jurisdictions whose
legislation is not up to the international standards in the field of
Anti money laundering legislation and prevention of the finance of
Information recording program
Information recording program sets the obligation for the company
employee who performed the transaction to draw up an internal
document containing all the specifics of the transaction that must
The category of the transactions and the reasons why the transaction
may be considered a high-risk transaction;
The details of the transactions, including the volume of the
transaction and currency;
The details on the persons involved in the transactions;
The information on the Company employee involved and his signature;
The date of the act;
A written letter from the company management board member or from
another authorized person regarding a transaction performed under
Information regarding any additional methods of control used in
regard to the transactions;
There is no pre-arranged act form. Acts are made by hand by each
employee and are presented to the member of the management board for
Transaction denial program
If the Client, despite his obligation, did not present the required
documentation in accordance with the control methods, the applicable
legislation, and this policy, the Client will be denied in the
performance of the transaction.
Should the Client fail to present information regarding the source of
the funds upon the request, the transactions shall also be denied.
Information regarding the transaction denial must be kept in
accordance with provision 13 of this policy, including:
The decision regarding the denial to perform the transaction may be
reversed if the Client provides the required information and
documents or if such shall be set by the decision of the following
Company employees training program
The program regarding the training of employees in the field of Anti
Money Laundering Legislation and Prevention of the finance of
terrorism is made in accordance to the applicable legislation and
includes proper instructions for the employee regarding the control
methods and information analysis. Any employee must be properly
instructed by the authorised workers during the period of a month
from the start of employment.
Internal control review program
The internal control review program ensures that the employees and
members of the company abide by the provisions of the applicable
legislation in the field of income legalisation obtained by illegal
means and the finance of terrorism. The program ensures that the
employees abide by internal company rules and regulations in the
field of internal control.
Internal controls set the following rules:
Regularly, at least once every six months, internal checks must be
carried out regarding the proper implementation of internal
regulations and applicable legislation.
TR3ZORDIGITAL OÜ member of the board must be provided with
regular written reports regarding all the violations of internal
regulations in the field of money laundering prevention and
prevention of the finance of terrorism.
All violations revealed during checks must be properly handled by the
means chosen by the management board member.
Document maintenance program
All documents connected to the client identification procedure as
well as all the information regarding the start of commercial
cooperation must be maintained in the company archive for no less
than 5 years.
All documents that became the reason for notifying the state
authorities must be maintained for no less than 5 years.
All information on the inquiries made in order to abide by the
provisions of the applicable legislation must be kept for no less
than 5 years from the start of commercial cooperation. If the
identity was confirmed by the means of a digital document, then the
picture of the person and their signature is kept for no less than 5
years from the date of the end of commercial cooperation.
The documents must be maintained in a form that allows their written
reproduction, so that they would be readily available for financial
control or for other state authorities in accordance with the
applicable legislation, should they be required for use in civil,
criminal, or arbitrary proceedings.
control rules set the confidentiality standards for the information
that was received during identification process and other means
prescribed by the applicable legislation.
Management board member