Cbaji maintains an AML and KYC program designed to prevent money laundering and the financing of terrorism. This policy establishes the governance, controls, and procedural requirements to identify, assess, and mitigate financial crime risks across all products, services, and jurisdictions in which Cbaji operates.
This policy applies to all customers, accounts, counterparties, employees, contractors, and service providers. It covers onboarding, ongoing transactional activity, fund deposits and withdrawals, and any activity that could affect the detectability of illicit finance. The policy governs the design and operation of Cbaji's risk-based controls, data handling, and reporting obligations.
Cbaji complies with applicable national and international AML and CFT laws, directives, and supervisory guidance. The company implements controls to meet ongoing regulatory expectations, including customer due diligence, record-keeping, reporting of suspicious activity, and internal audit requirements. Compliance is overseen by the designated compliance function and reported to the board or equivalent governance body.
The Chief Compliance Officer is the policy owner. The board or equivalent governance body provides oversight. The policy is reviewed at least annually and updated in response to regulatory developments, risk assessments, or material changes to products, services, or geographies.
At or before account creation and for every financial interaction that benefits the customer, Cbaji shall collect identifying information and verify the customer’s identity. Verification uses government-issued documents, data obtained from the customer, and reliable independent sources. Identity verification must be completed or the account restricted within a defined timeframe.
Cbaji maintains current customer information and monitors activity throughout the relationship. Records of identification, risk assessments, and material transactions are retained for a minimum of five years after account closure or the end of the business relationship, whichever is later.
Customers shall provide evidence of the source of funds used for deposits and wagers. Acceptable documents include payslips, dividend statements, bank statements showing regular deposits from identifiable sources, and other documents demonstrating lawful origin of funds. Where documents do not clearly establish provenance, further verification may be required.
Anonymous or nominal accounts are not permitted. Incomplete or inconsistent identification triggers enhanced verification or account termination as appropriate.
EDD procedures apply to customers presenting elevated risk due to factors such as high transaction volumes, complex ownership structures, PEP status, or high‑risk jurisdictions. EDD includes additional identity checks, enhanced source of funds verification, and more frequent ongoing monitoring. Decisions to apply EDD are documented and reviewed by the compliance function.
Cbaji employs ongoing, risk‑based monitoring of customer activity and counterparties. Risk classifications (low, standard, elevated) guide the level of due diligence, transaction review, and escalation. Material changes in customer risk prompt re‑assessment and, if necessary, policy updates or termination of the relationship.
All transactions are subject to monitoring for AML/CFT indicators. Cash transactions between individuals exceeding 12,500 EUR are prohibited and must be conducted through traceable channels such as bank transfers or electronic money services. Thresholds may be updated in response to regulatory changes or risk assessments and will be communicated to relevant personnel.
Cbaji conducts ongoing screening for Politically Exposed Persons and sanctions lists. When a PEP or sanctioned individual is identified, enhanced due diligence is applied, and the relationship is reviewed for potential termination or escalation in accordance with risk tolerance and regulatory requirements.
Any activity deemed suspicious or indicative of illicit finance must be reported to the competent authorities within the statutory deadlines. The internal reporting channel and documentation requirements are established to protect confidentiality while ensuring timely escalation and cooperation with investigators.
Cbaji handles personal data in compliance with applicable data protection laws. Data is collected and stored solely for AML/CFT purposes, access is restricted to approved personnel, and data is retained for the period required by law and for the duration of the business relationship plus the statutory period thereafter.
All employees and relevant contractors receive AML/CFT training on an annual basis and as needed for role changes or regulatory updates. Training covers identification of suspicious activity, KYC procedures, and the procedures for reporting concerns.
The compliance function leads the design, implementation, and update of AML/CFT controls. Business units maintain day‑to‑day adherence, support risk assessments, and ensure accurate customer due diligence. The board receives regular activity reports and reviews policy effectiveness.
This policy is subject to formal change control. Revisions address regulatory updates, risk environment changes, or material business developments. All material changes require approval from the board or designated authority and are communicated to staff in a timely manner.
