Anti Money Laundering (“AML”) Policy
Under various federal and provincial regulations, the company has a duty to prevent criminals from legitimizing the proceeds of their criminal activities through the use of various techniques known as “money laundering.” National Digital Asset Exchange Inc. (“NDAX”) has developed strong internal Anti-Money Laundering Compliance Policies (“AML Policies”), in an effort to maintain the highest possible compliance with applicable laws and regulations relating to anti-money laundering and terrorist financing in Canada, and with other such laws and regulations to which NDAX operations are subject in other jurisdictions.
This NDAX customer-facing policy outlines the internal approach taken by NDAX to ensure compliance with international, federal, and provincial laws.
The Financial Transactions Reports Analysis Centre of Canada (“FINTRAC”) is responsible for monitoring compliance with anti-money laundering legislation. NDAX is registered with FINTRAC as a Money Service Business and has corresponding compliance obligations with regard to the reporting, record keeping and know-your-client requirements under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (“PCMLTFA” or the “Act”) and associated regulations. FINTRAC requires:
- A Compliance Officer: or the appointment of a “responsible person”, typically the Chief Compliance Officer (“CCO”), who is charged with the implementation, oversight, and compliance of internal AML Policies;
- Compliance Policies and Procedures: the implementation of written compliance policies and procedures to mitigate compliance risk including records retention requirements and know-your-customer client identification, especially in the context of high-risk operations;
- Ongoing Risk Assessment: conducting ongoing monitoring of all transactions for potentially suspicious, and attempted suspicious, activities and filing Suspicious Transaction Reports (“STR”), Attempted Suspicious Transaction Reports (“ASTR”) and Terrorist Property Reports (“TPR”) when required;
- Compliance Training: implementing a formal, ongoing, and documented compliance training program for all employees, agents, and others acting on behalf of NDAX;
- Effectiveness Review: instituting, maintaining, and documenting a review of the effectiveness of NDAX’s internal policies and program frequently.
NDAX has designated its CCO as the “responsible person” for the implementation of its AML program. The CCO will conduct an annual review to test the effectiveness of the program. The CCO is also required to report any violations of the AML Policies directly to the CEO and the Board, and is responsible for recording and filing STRs, ASTRs, TPRs and performing AML Policies audits at least annually.
Compliance Policies and Procedures
NDAX has adopted a risk-based compliance regime approved by its board of directors (“the Board”). NDAX personnel and the Board recognize the importance of implementing and maintaining a sound Anti-Money Laundering and Counter Terrorist Financing (AML/CTF) policy that meets the requirements of all applicable laws and regulations, and as such, has implemented internal policies and procedures to achieve these requirements. The AML Policies are reviewed on a regular basis and, if necessary, revised in an effort to comply with regulatory changes.
Key points of the AML Policies include internal reporting and compliance requirements pertaining to:
Know Your Client (“KYC”) Identification Procedure
NDAX maintains customer identity verification processes as required under legislation and according to industry best practices. NDAX’s Customer Identity Program (“CIP”) is an important part of its AML Policies, which helps detect suspicious activity in a timely manner and prevent fraud.
To open an account and use NDAX, every client's identity must be verified, authenticated, and checked against various government watch lists. Only Canadian persons are able to open accounts with NDAX. Failure to complete any of these steps will result in the inability to open an account and use the exchange platform on NDAX.
Individual Account Opening
Prior to opening an account for an individual customer, NDAX attempts to collect, verify, and authenticate the following information:
- Full legal name;
- Date of birth;
- Contact information including email address and mobile phone number;
- Social insurance number or any comparable identification number issued by the government;
- Proof of identity (e.g., driver’s license, passport or any other government issued picture ID);
- Permanent home address (not a mailing address or P.O. Box);
- Additional information or documentation that may be required at the discretion of the compliance team.
Corporate Account Opening
Prior to opening an account for a corporation, NDAX attempts to collect, verify, and authenticate the following information:
- The corporation’s legal name;
- Proof of legal existence (e.g., certificate of corporate status, a record that has to be filed annually under provincial securities legislation, any other record that confirms the corporation’s existence);
- Address (principal place of business and/or other physical location);
- Employer identification number or any comparable identification number issued by the government;
- Full legal name of all account signatories and beneficial owners;
- Contact information for all account signatories (email address and mobile phone number);
- Contact information of owners, principals, and executive management (as applicable);
- Proof of identity (e.g., driver’s license, passport or any other government issued picture ID) for each individual beneficial owner that owns 25% or more, as well as all account signatories;
- Identifying information for each entity beneficial owner that owns 25% or more (see individual customer information collected above for more details).
Other Account Opening
Requirements are generally the same as those for corporate clients (as applicable). Certain additional information may be required due to the unique nature of the client structure.
- Proof of legal existence, such as, a partnership agreement, articles of association and/or any other similar records that confirm the entity’s existence.
Institutional Account Opening
Prior to opening an account for an institutional client, NDAX attempts to collect, verify, and authenticate the following information:
- Full legal name;
- Contact information;
- FAddress of head or principal office (which must be a physical location);
- Names and contact information of persons authorized to give instructions on the account;
- Evidence of assets under administration or management if applicable;
- Additional information or documentation may be required at the discretion of our Compliance Team.
Politically Exposed Persons (“PEP”)
Internal risk assessment processes are implemented to ensure that both funding of and trading with NDAX account are not for unauthorized purposes.
Additional Information Required at Account Opening for All Accounts
NDAX may require additional information including, amongst other things, the intended use for the account before accounts may be opened.
Reporting Requirement and Internal Guidelines for Identifying Unauthorized or Suspicious Transactions
The PCMLTFA requires NDAX to report to FINTRAC where the firm knows there is property in its possession or control that is owned or controlled by or on behalf of a terrorist group. Please note NDAX does not accept cash to fund accounts.
The Act requires the reporting of transactions or attempted transactions where there are reasonable grounds to suspect that they are related to a money laundering offence to FINTRAC.
NDAX complies with all the reporting requirements as per the Act and regulations as enforced by FINTRAC. There are multiple situations where NDAX is obligated to submit reports, such as:
- An STR and/or an ASTR will be submitted if a suspicious transaction is suspected or attempted.
- A TRP will be filed with FINTRAC immediately if property is identified to be owned or controlled by or on behalf of a terrorist or terrorist group.
NDAX conducts ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information, including, but not limited to, information regarding the beneficial ownership of legal entity users.
All NDAX employees and officers receive ongoing broad-based AML training, as well as position-specific training. Training must be repeated at least once every twelve (12) months to ensure employees remain knowledgeable and in compliance with all pertinent laws and regulations. New employees receive training within thirty (30) days of their start date. All documentation related to compliance training including: materials, tests, results, attendance and date of completion are maintained. In addition, the NDAX compliance training program is updated as necessary to reflect current laws and regulations.
Internally the CCO is responsible for performing an audit of the AML Policies at least annually and presenting the results to the CEO and the Board.
Independent review occurs a minimum of once every two years. The independent review of the AML/CTF compliance regime is performed by a qualified AML/CTF regime auditor according to FINTRAC’s guidelines. The process assesses NDAX internal controls, transactional systems and procedures. The findings from such examination are sent directly to the Audit Committee of the Board for review.
Records Retention and Disposition
NDAX complies with the record keeping requirements as per the Act and it’s associated regulations. Records are retained for seven (7) years and are available upon official request by an applicable examiner, regulator, or law enforcement agency.
Anti-Money Laundering Policy was last updated on October 4, 2019.