Instruction (procedural rules)
To meet the requirements of the law on suppression of money laundering and financing of terrorism (as amended on 27.11.2017).
Certified by the decision of the Board of Aridika Corporation OÜ from 21.12.2018 in Tallinn.
1.1 This instruction sets out internal security measures to comply with the requirements of diligence and to identify suspicious and unnatural transactions in all areas of the enterprise.
1.2 the company's Employees must know and strictly follow the provisions of the law on suppression of money laundering and financing of terrorism, the recommendation of the data Bureau on money laundering on the signs of a transaction with suspicion of money laundering, other guidelines and requirements that come from the company's management and other regulatory acts.
1.3 Employees are required to be aware of changes in laws and other legal acts that are published on the official website of the money laundering data Bureau http://www.politsei.ee/et/organisatsioon/rahapesu/
1.4 employees of the company who have been familiarized with these procedural rules and have put their signature bear personal responsibility for the violation on the basis of the law on suppression of money laundering and financing of terrorism.
1.5 a Copy of these procedural rules shall be made available to all employees.
2.1 money Laundering
(1) money Laundering means the following acts with property received as a result of the Commission of an offence or with property received in its place:
1) hiding or concealing the true nature, origin, IU-hundred the location, disposition, movement, rights itself-STI or other associated rights;
(2) transformation, transfer, appropriation, possession or use for the purpose of concealment or secrecy of the illicit origin or assistance of a person involved in criminal activities so that the person may evade the legal consequences of his or her act.
(2) money Laundering also occurs in the case where criminal activity, which was obtained used in the laundering of money, property, conducted on the territory of another state.
2.2 financing of terrorism
The financing of terrorism is the financing of a terrorist offence within the meaning of article 237 of the Penal code.
2.3 the Law on prevention of money laundering and the financing of terrorism re-gulerul - application by the taxable persons diligence measures to prevent money laundering and financing of terrorism, supervision of obliged, whether-tsami in the execution of the law, the bases for the activities of the Bureau data about the washing off the Deposit of money, liability of the parties liable for violation of the requirements of master-penitent law.
2.4 contact person - from the management of the enterprise must be assigned a worker who will be the contact person between the company and the Bureau of data on money laundering and other agencies on the organization of supervision.
The decision of the Board to appoint a contact person Roman Kraynyak, Yes-that birth 26.04.1980
2.5 Client - a person who has used or is using the services offered by the enterprise.
2.6 Business relations - business relations in the interpretation of this guide are the services provided by the enterprise.
2.7 the Regular customer is the customer with whom the contract for continuous service is signed.
2.8 the face of the state background
A public entity background – the physical person performing or IP-panassie essential tasks of public authorities, as well as family members and close colleagues of these individuals. the state-owned background is not considered the person that have not performed at least during the year to the date of the transaction the essential tasks of public authorities, as well as family members and closest colleagues about that individual.
The executor of the essential tasks of the public authority in the understanding of the present law is: the head of state, the head of the government, the Minister, the Deputy Minister and the assistant Minister;
- member of parliament;
- judge of the Supreme court, the constitutional court and other similar high court, whose decisions can be further appealed only in exceptional cases;
- member of the Board of the state controlling institution and member of the Board of the Central Bank;
Ambassador, chargé d'affaires and senior officer of the military forces;
- member of the governing, Supervisory and administrative body of the state commercial Association.
The positions of the European Union and other international organizations are covered under part 2, paragraphs 1 to 5.
A member of the family of the executor of the essential tasks of public authority is:
- his husband(a);
- an equivalent spouse (spouse) partner under the law of the country of residence of a person or a person with whom he or she has been engaged in joint farming for at least a year as of the date of the transaction;
- his / her children and their spouses or partners within the meaning of paragraph 2;
- its parent.
A close colleague of the executor of the essential tasks of the public authorities is:
- natural person in close commercial relations with the IP-based dispersed phase material tasks of public authority or with whom the performer of the essential tasks of public authorities is EDI-tion of the actual beneficiary of the legal entity or the contract vernogo legal Department;
- a person who, as an actual beneficiary, has in full ownership a legal entity or a contractual legal unit, which he, as it is known, has established in favor of the executor of significant public authorities.
2.9 the money laundering data Bureau is an independent structural unit of the Central criminal police, which carries out and applies state coercion in accordance with the law on the prevention of money laundering and the financing of terrorism.
Postal address: Tööstuse 52, 10416 Tallinn; e-mail: email@example.com tel: (+372) 6123 840; Fax: (+372) 612 3845.
3. The procedure for establishing the identity of the customer or the person involved in the transaction and the procedure for storing the data obtained
3.1 when establishing commercial relations, the Employee shall establish the identity of the client or the person involved in the transaction on the basis of the documents and data submitted by him / her
3.2. The following documents are used to establish identity in the Republic of Estonia:
3.2.1 identity card (ID card) of the Republic of Estonia
3.2.2 Passport of a citizen of the Republic of Estonia
3.2.3 Diplomatic passport
3.2.4 seaman's service record
3.2.5 the passport of the foreigner
3.2.6 Temporary voyage document
3.2.7 travelling document immigrant
3.2.8 seaworthy certificate;
3.2.9 a Certificate for the return
3.2.10 authorization for return
3.2.11 the passport of the citizen of a foreign state
3.2.12 Identification card (ID card) of a citizen of the European Union
3.2.13 Driving license if the document contains the user's first and last name, photo or image, signature or image, date of birth or personal identification code
3.3 transaction Data and a copy of the client's documents are stored in paper or digital format for a minimum of two months, after the expiration of the term are transferred to the contact person.
3.4 the contact person is responsible for the further safety of the data. The above-mentioned documents must be kept in such a form that the data Bureau on money laundering or other institution can receive immediately comprehensive information about the transaction within 5 years on the basis of the law.
3.5 in case of refusal of the client to provide relevant information or suspicion of authenticity of documents that the transaction may be aimed at money laundering or financing of terrorism, the employee is prohibited to make a transaction, it is necessary to immediately notify the contact person and, if possible, to record the client's data.
3.6 In case of suspicion that the client or customer's documents can be the origin of the specified in the list of countries on suspicion of Fi-nasilovanie of terrorism, the employee is obliged to perform additional verification by using the official page of the Bureau of data on money laundering on the website http://www.politsei.ee/et/organisatsioon/rahapesu/
4. The duty of notification in case of suspected money laundering and Fi-nasilovanie terrorism
4.1 the duty of the employee is to notify the contact person in case of suspicion of the unnatural transaction.
4.2 the Employee is prohibited from notifying the client that his / her data has been transferred to the contact person.
4.3 The recommendation instruction of the money laundering data Bureau on the signs of a transaction suspected of money laundering is given on the official page of the money laundering data Bureau.
4.4 the Law obliges to notify about a transaction made in cash in the amount of more than 10 000 EUR or about an equivalent transaction made in currency, regardless of the fact that the transaction is made for one or several times within one month.
5. Contact person
5.1 responsibilities of the contact person
5.1.1 Monitoring compliance with anti-money laundering regulations.
5.1.2 Preliminary analysis of reports and decision on data transfer to the money laundering data Bureau.
5.1.3 in case of suspicion of money laundering, transfer of data to the Bureau for the suppression of money laundering, respond to requests and instructions provided by the Bureau.
5.1.4 storage and processing of data on suspicious and unnatural transactions within the framework of the law.
5.2 rights of the contact person
5.2.1 control of transactions and their execution in accordance with the laws of the Republic of Estonia and this instruction.
5.3 the contact person may only provide information or data obtained as a result of his / her activities.:
5.3.1 the Director or the Manager appointed-th worker;
5.3.2 money laundering data Bureau
5.3.3 organization engaged in preliminary investigation on the basis of the criminal procedure code
5.3.4 to a Judge on the basis of an order or a court decision.
5.4 in case of reasonable suspicion of money laundering or financing of terrorism, the contact person shall immediately submit a report to the money laundering data Bureau in accordance with instruction N42 of 27.11.2017 " Content and form of notification provided by the money laundering data Bureau»
5.5 the Communication shall be transmitted to the money laundering data Bureau in electronic form: http://www.politsei.ee/et/organisatsioon/rahapesu/...
, also in oral and written forms, when using electronic communication channels. In case of oral communication, duplicates the contact person no later than the next working day in writing. Copies of the documents and data involved in the transaction shall be attached to the completed communication.
5.6 it is forbidden to inform The client about the money withdrawal message provided to the Bureau.
5.7 if the client's actions do not relate to the conditions listed in this instruction, which must be notified to the data Bureau about the money laundering, it is necessary to treat such a client with increased care and if there is a reasonable suspicion to report on the basis of the procedural rules of the institution.
5.8 the Obligor, his / her employee, representative and the person acting on his / her behalf shall not be liable for the failure of the transaction in the performance of the obligations arising from this law, or for the damage resulting from the untimely execution of the transaction, which is caused to the person participating in the economic and professional activity of the transaction in connection with the notification of the data Bureau on money laundering of suspicion of money laundering and financing of terrorism for good intentions, as well as for the damage caused to The, to a person or client participating in a transaction in a commercial and professional activity in connection with the cancellation of a long-term contract on the grounds set out in article 27 of part 3.
5.9 Execution obligated person in good faith stemming from article 32 duties of notification and transfer of relevant information is not considered as a violation assigned by law or contract confidentiality requirements and to the person who made the notification obligation does not apply the liability provided by a legal act or agreement for the disclosure of information.
6. Violation of procedure of registration and storage of data
6.1 Violation of the requirements arising from the instruction and the law on suppression of money laundering and financing of terrorism is punishable on the basis of the laws of the Republic of Estonia.
7. Conclusion of the client agreement
7.1. The conclusion of the client contract by the employee of the company shall take into account the requirements of this instruction.
8. Risk assessment and analysis
8.1. The risk assessment should be based on the General principle:
- SRA-ES risk assessment,
- NRA-state risk assessment by sector,
- PRA-self-risk assessment.
8.2. Client risk assessment
8.2.1 the Employee shall refuse to provide the services if he / she becomes aware that the provided consulting or other service may be used by the client for the purpose of money laundering or terrorist financing.
8.2.2 an Employee shall refuse to provide services if he / she becomes aware that the client is a representative of the law enforcement agencies of a foreign non-NATO member state.
8.2.3 the Employee shall refuse to provide the services if he/she becomes aware that the client is a member and / or organizer of a criminal group.
8.2.4 the Employee shall pay increased attention to the provision of services to the person of the state background, in accordance with the definition in paragraph 2.8. this instruction.
8.2.5 the Employee shall refuse to provide the service if he / she becomes aware of the connection with crime, PEP, the actual beneficiary is PEP, the sanctioned person, the person does not act on his / her own behalf, does not know the local laws, uses additional assistance.
8.3. Geographical risk
8.3.1 the Employee shall assess the risks in transactions with high-risk companies (EL 2016/1675), off-shore, UK LLP.
8.3.2 the Employee shall refuse to provide the services if he / she becomes aware that the client's country of origin/residence is:
Afghanistan, Somalia, Sierra Leone, Liberia, Congo, côte d'ivoire, Sudan, Lebanon, Iran, Iraq, Eastern Ukraine and Crimea, North Korea
or is he a member of the al-Qaida and Taliban movement»
8.4. The product risk
The employee must refuse to provide services if he / she becomes aware that the main or component of the client's activity is or is planned:
- fraud, tax optimization;
- trade in arms, ammunition and components;
- trade in narcotic substances;
- other activities prohibited by ER law.
8.5 communication Risk
At the conclusion of the contract with the client, the employee must analyze the country of residence of the client, public opinion and assess the materiality of the reputation of the service provided.
8.6. Risks associated with the use of new technologies and non-traditional sales channels
8.6.1. The employee is obliged to ensure the constant application of security measures used information systems and related information assets.
8.6.2. Associated with cyberattacks and other intentional activities of danger, it is necessary to map and pay attention to the establishment of a possible profile of the attacker. It is necessary to consider who and for what reasons may wish to attack a limited liability Partnership, which may be the most likely target of the attacker. Knowing the most likely attack scenarios, it is better to plan security measures and use resources to protect the data that will be attacked with the most probability. The effectiveness of a previously applied security measures are necessary to consistently check.
8.6.3. Employees of the company have an idea of the software and hardware used in the enterprise.
8.6.4. The limited liability Partnership carries out the detection of security weaknesses and testing of the computer network, as well as periodically testing the production of backups and data recovery.
8.6.5. If necessary, information security training courses are held periodically for employees of a limited liability Partnership.
8.6.6. If necessary, and with the constant increase in the risk of attack, it specialists from outside the limited liability Partnership are involved to dissipate the risks.
8.6.7. Employees of the company always use solutions to prevent malware and virus protection.
8.6.8. The company's employees regularly install software updates at least once a year.
8.6.9. Employees of the company periodically check accounts and usage rights to establish unnecessary data or unnecessary usage rights.
8.6.10. The limited liability partnership to the resolution of pre-start checks according to the actual need for this tolerance, the data on the employee, the availability of necessary knowledge and skills.
8.6.11. Authorized employees of the company in the current order analyze the logs of the information system to detect unauthorized access and data leakage.
At least one backup is located in a location that is physically remote from the server without a permanent network connection.
9. Order of application of measures of diligence to the client
9.1. Employees are required to comply with the application of due diligence measures in the management of money laundering and terrorist financing risks to the client:
-when concluding contracts with founders and Board members who are residents of Estonia, the risks are minimal and the measures of reliability are applied in a simplified manner,
- measures of diligence are applied in the strengthened order if:
1) when establishing the identity of the person or when checking the submitted information, there was a doubt in the reliability of the submitted data or in the authenticity of the documents or in the establishment of the actual beneficiary,
2) the client is a government official, a member of his / her family or a close colleague,
3) the customer comes from 3rd countries with a high risk,
4) the client is a resident of a country where, according to reliable sources, it is known that there are no effective systems in this country to prevent money laundering and terrorist financing, or which are considered to be a territory with a low tax rate
10. Assessment of circumstances that indicate an increased risk
In assessing the circumstances that indicate an increased risk to employees, first and foremost, consider the situation when a customer is associated with a state or jurisdiction:
* 1) where reliable sources fail to establish effective systems for the suppression of money-laundering and the financing of terrorism.
• 2) where reliable sources indicate a level of corruption or other criminal activity.
• 3) subject to sanctions, embargoes or similar measures.
• 4) which finances or supports terrorism or in the territory of which
are set by the EU or UN terrorist organization.
11. Establishment of a public official
11.1. When establishing a business relationship (at the conclusion of the client agreement), the Client fills in a questionnaire, which indicates the basic necessary to establish and verify the identity of the person, as well as required by law mandatory data. The client confirms the correctness of the data with his signature.
11.2. Among other data, the Client must indicate whether he, his family member or the nearest employee is a public official.
11.3. If the family member or the nearest employee is a public official, the Client must also indicate the person's details.
11.4. Personal data of local public officials Pro-veraude on the web page of the Bureau of data on money laundering https://www2.politsei.ee/et/organisatsioon/rahapes...
under the heading "Soovitusi riikliku taustaga isikute otimiseks" (Recommendations for finding public officials).