KYC Policy
1. Introduction
At Evelors, we prioritize the safety, security, and integrity of our business operations. Our Know Your Customer (KYC) Policy serves as a foundational framework designed to establish stringent procedures for client identification, risk assessment, and ongoing monitoring. By adhering to this policy, we aim to mitigate the risks of financial crime, uphold regulatory compliance, and safeguard the interests of both our firm and our clients.
Evelors has established Know Your Counterparty (KYC) procedures to combat money laundering and the financing of terrorism. These procedures allow us to identify every organization that we deal with, to understand the legitimacy of our business relationships and to identify and react to unusual or suspicious activity.
To support our KYC policy and procedures, Evelors Limited has developed a KYC form which we send to all our counterparties (this is our business partners and customers) to collect relevant business information to identify risks of money-laundering. We require the form to be completed for all existing and new counterparties.
By collecting and reviewing the information in completed KYC forms, Evelors commits to
- establishing the identity of our counterparties;
- checking that our counterparties are not considered high-risk (this means checking whether counterparties are based in FATF high-risk jurisdictions, named on government sponsored watchlists or international (UN) sanctions lists, or if they source from conflict-affected and high-risk areas (CAHRAs));
- maintaining an understanding of the nature and legitimacy of all our counterparties’ businesses;
- maintaining KYC records for at least five years ;
- monitoring transactions for unusual or suspicious activity – this type of activity will cause the counterparty to be considered high-risk.
If counterparties are considered high-risk for any reason (for example named on a sanctions list or engaging in unusual activity) we may:
- Cease working with the counterparty ;
- Identify the beneficial owners of the counterparty and check whether the beneficial owners are on any watchlists or sanctions list.
2. Purpose
Our KYC Policy serves the following key purposes:
- Client Identification and Verification: We meticulously collect and verify the identity of our clients to ensure compliance with regulatory requirements and mitigate the risks associated with money laundering, terrorist financing, and other financial crimes.
- Risk Assessment: We conduct thorough risk assessments for each client, taking into account various factors such as jurisdiction, business activities, reputation, and the source of funds. This enables us to categorize clients based on their risk profile and apply appropriate due diligence measures.
- Ongoing Monitoring: We continuously monitor client relationships to detect any suspicious activity or changes in circumstances that may pose a risk to our firm or our clients. This proactive approach allows us to identify and address potential issues in a timely manner.
3. Client Identification and Verification
To ensure the accuracy and reliability of client information, we adhere to the following procedures:
- Individual Clients: For individual clients, we collect and verify personal identification documents such as passports, national identity cards, or driver’s licenses. We also obtain additional information such as residential address and contact details.
- Corporate Clients: For corporate clients, we gather information about the company’s structure, ownership, and beneficial owners. This includes obtaining corporate documents such as certificates of incorporation, shareholder registers, and proof of registered address.
- Verification Process: We verify the authenticity of client-provided documents through reliable sources such as government databases, public records, and third-party verification services. This helps us ensure that the information provided is accurate and up-to-date.
- In-Person Verification for UK Residents:
- UK national residents will undergo in-person verification.
- Verification will include checking one document with a photograph (e.g., passport) and one document confirming the address (e.g., utility bill).
- An online identity and AML check will follow.
- Document Acceptance and Maintenance:
- Only original hard copy documents will be accepted for examination.
- The firm’s MLRO will maintain a list of acceptable documents obtained from reliable sources.
- Electronically held information sources must be risk-assessed prior to use.
- Acceptance of Alternative Verification:
- In cases where clients cannot provide acceptable documents, responsible person may make risk-based decisions on accepting available documents, consulting with the MLRO if needed.
- Verification for Non-UK Residents or Remote Clients:
- Risk-based decisions on verification methods will be made by responsible person, consulting with the MLRO if necessary.
- Identification of Beneficial Owners:
- Steps will be taken to determine beneficial ownership of client assets, and their identity will be verified according to the procedure.
- Verification for Corporate Entities:
- Responsible person will ensure the appropriate incorporation and registration of corporate entities.
- Beneficial owners and individuals with significant control will have their identity verified according to the procedure.
- Procedures for Corporate Requests:
- MLRO will prepare a format for requesting identity and ownership information from relevant corporate entities and trustees, with follow-up procedures.
- Treatment of Unidentifiable Beneficial Owners:
- In cases where beneficial ownership cannot be identified, the responsible solicitor may seek MLRO approval to consider the senior person managing the entity as the beneficial owner.
4. Risk Assessment
Our risk assessment process involves:
- Client Profiling: We analyze various factors such as the client’s jurisdiction, industry, business activities, and transaction patterns to assess their risk profile.
- Enhanced Due Diligence: High-risk clients or transactions are subjected to enhanced due diligence measures, which may include additional documentation requirements, background checks, and ongoing monitoring.
- Risk Scoring: We assign risk scores to clients based on the results of our risk assessment, allowing us to prioritize resources and apply appropriate risk management measures.
- The designated individual will collect Know Your Client’s Business (KYCB) information from clients in the following instances:
- Upon accepting a new client.
- Upon receiving a new instruction from a client with one-off arrangements.
- Upon any significant changes in the client’s arrangements, such as transaction size or frequency, business nature, involvement of new parties, or jurisdictions.
- As an ongoing process throughout the client relationship.
- The KYCB information gathered from clients will encompass, but not be confined to:
- The client’s rationale for selecting our firm.
- The purpose and business justification behind the services requested from our firm.
- The origin of funds introduced or assets involved in the client’s arrangements.
- Details regarding the nature, size, frequency, source, and destination of anticipated transactions.
- Business justification for all uses of structures and entities.
- Information on counterparties and jurisdictions involved.
- This information will be obtained through pertinent questioning of the client, and where feasible, the responses will be verified as part of the normal course of the relationship.
- Client-provided information will be documented in the client file to facilitate future monitoring of the client relationship.
- Responses that cannot be readily verified should still be assessed alongside other client details to ensure consistency and plausibility.
- In cases where client responses appear implausible or inconsistent with other information, or if the client is unwilling to provide satisfactory answers to due diligence inquiries, the responsible individual will consider whether terminating the relationship is necessary.
- KYCB information, or its absence, will be considered by all staff when evaluating potential grounds for suspecting money laundering.
5. Ongoing Monitoring
We maintain continuous vigilance over client relationships through:
- Transaction Monitoring: We monitor client transactions and account activities for any signs of unusual or suspicious behavior that may indicate potential financial crime.
- Periodic Reviews: We conduct periodic reviews of client information to ensure its accuracy and completeness. This includes updating client profiles, verifying changes in circumstances, and reassessing risk ratings as necessary.
- Record-Keeping: We maintain comprehensive records of client interactions, transactions, and due diligence efforts in accordance with regulatory requirements. This enables us to demonstrate compliance and respond effectively to regulatory inquiries.
- All staff members will remain vigilant for clients’ instructions and transactions that deviate significantly from expected norms.
- The firm will implement an appropriate mechanism to monitor clients’ transactions based on their volume and staff involvement in execution. If an automated transaction monitoring system is utilized, it must undergo a risk assessment prior to implementation.
- When a client’s instruction or transaction deviates from expectations:
- An explanation will be sought, potentially by contacting the client directly.
- Involvement of unexpected jurisdictions or organizations will be verified with the firm’s MLRO for potential alerts or sanctions.
- If a satisfactory explanation is provided, the client file will be updated to reflect the explanation and any changes in anticipated client activities.
- If no satisfactory explanation is obtained, the matter will be escalated to the MLRO to consider potential money laundering suspicions.
- The MLRO will assess whether a re-assessment of money laundering risk is warranted and conduct it accordingly.
- The MLRO will enhance staff training by providing guidance on identifying significant deviations in client instructions and transactions that warrant attention.
- Regardless of specific incidents prompting a re-assessment of money laundering risk, all client files will undergo periodic review to ensure:
- The information remains accurate, adequate, and up to date.
- The level of client due diligence remains appropriate.
- Periodic reviews of client files will occur as follows:
- For all clients, random file sampling will be conducted monthly.
- AML due diligence reviews may coincide with business development assessments, but the AML review must be clearly documented separately on the file.
6.Training and Awareness
We prioritize employee training and client education to enhance awareness and compliance:
- Employee Training: We provide comprehensive training to our employees on KYC principles, procedures, and best practices. This equips them with the knowledge and skills necessary to fulfill their obligations and detect potential risks.
- Client Education: We educate our clients on the importance of KYC compliance and their role in preventing financial crime. This includes providing guidance on document submission, transaction monitoring, and reporting suspicious activity.
- The MLRO, in collaboration with the firm’s training officer, will assess alternative AML training methods, products, and services to offer suitable training activities to all staff members with client interaction or access to client information.
- The training provided will consider:
- Tailoring the level of knowledge and understanding to each individual’s role within the firm.
- Ensuring ongoing refresher training to maintain the required level of knowledge.
- Assigning different training programs based on the risk sensitivity of each staff member’s role.
- Evaluating the cost and time-effectiveness of available training methods and media.
- The training program will incorporate methods to confirm that each individual has attained the necessary level of knowledge and understanding, whether through formal testing, informal discussion assessment, or other means.Special attention will be given to addressing the training requirements of senior management and the compliance team.
- Responsibilities of the MLRO include:
- Communicating the training program requirements and completion timeline to all staff members.
- Verifying the completion of assigned training programs by all staff members and issuing reminders to those who haven’t met the deadline.
- Referring cases of non-compliance to the business owner.
- Maintaining records of completed training, including evaluation results demonstrating individual competence.
- Upon the conclusion of a training cycle, the MLRO will ensure the continuation of ongoing training, considering:
- The effectiveness of the completed training program.
- The necessity of updating training materials with changes in laws, regulations, guidance, and practices.
- The MLRO will identify their own training needs and ensure the acquisition of appropriate knowledge and understanding to fulfill the obligations of their role.