Softmask Logo

ANTI-FRAUD POLICY

BITFIRMA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ

Registered seat: Michała Kleofasa Ogińskiego Street, No. 11 / 9, 03-318 WARSZAWA
KRS: 0001133925
REGON: 529968947
NIP: 5243020519

I. Introduction

BITFIRMA Spółka z ograniczoną odpowiedzialnością with its registered seat in Warszawa, ul. Michała Kleofasa Ogińskiego no 11 / 9, 03-318 WARSZAWA, Republic of Poland (hereinafter: "the Company", "we"), is a legal entity incorporated under the laws of the Republic of Poland and entered into the Commercial Register under KRS: 0001133925, REGON: 529968947, NIP: 5243020519.

The objective of this document is to implement risk controls that will aid in the detection and prevention of fraud. It is the intent of the Company to promote consistent organizational behavior and to uphold the highest standards of moral and ethics while conducting business.

This Policy applies to all employees as well as shareholders, consultants, vendors, contractors, outside agencies doing business with employees of such agencies, and/or any other parties with a business relationship with the Company.

Management and all Company's employees are responsible for the detection and prevention of fraud, misappropriations, and other irregularities.

Fraud is defined as the intentional, false representation or concealment of a material fact for the purpose of self-gain, profiteering or inducing another to perform fraudulent acts alone or in partnership. It is a breach of trust and gross violation of all Company's values.

support@softmask.eu

Any irregularity that is detected or suspected must be reported immediately to the Company and internally to the Management Board, which coordinates all investigations for taking appropriate action. The designated channel for communication is an e-mail.

The Anti-Fraud Policy shall apply to any and all acts or omissions that constitute fraudulent or suspected fraudulent activities, including but not limited to those involving crypto assets, financial assets, monetary items such as cash, funds, stocks, proprietary information, intellectual property, materials of value, content, data, real or personal property, consumables, business transactions, agreements, contracts, bribes, gifts, favors, undue influence, or any other improper prioritization or conduct. This Policy encompasses fraudulent or suspected fraudulent conduct carried out for personal gain, whether individually or collectively, by employees, associates, or any other representatives of the Company.

Creating a comprehensive procedure for identifying and controlling fraud, elder abuse, and investment scams involves a multi-faceted approach. Based on information in place, an outline for general procedural steps, measures of control, patterns to look out for, and tools that can be used:

  1. Policies and Procedures Establishment: Development and implementation of clear policies and procedures that outline expectations for identifying and addressing fraud, elder abuse, and investment scams.
  2. Conducting Training and Awareness Programs: Providing comprehensive training to employees, especially those in customer-facing roles, about the signs of fraud, elder abuse, and investment scams. Regularly update employees on emerging fraud schemes and scams. Create a system of ongoing and ad hoc trainings, based on event-driven scenarios.
  3. Securing Customer Verification and Due Diligence: Implementation of robust customer verification processes to ensure the identities of clients and their intentions. Strict and thorough due diligence on new clients, especially those with suspicious or unconventional backgrounds.
  4. Robust Transaction Monitoring: Utilization of transaction monitoring systems to identify unusual or suspicious activities, such as large transactions, frequent withdrawals, using multiple cards on one account, or transfers to unfamiliar accounts. Set up thresholds and alerts for potentially fraudulent activities, based on assumptions and experience.
  5. Using System of Identifying Red Flags and Patterns: Provide training to employees to recognize red flags and patterns associated with fraud, elder abuse, and investment scams. The most common include:
    • Sudden changes in a client's behavior or financial habits.
    • Requests for secrecy or urgency in transactions.
    • Unexplained withdrawals or transfers.
    • Uncharacteristic involvement of third parties in financial transactions.
    • Pressure tactics or manipulation used against elderly clients.
    • Unsolicited offers promising high returns on investments with little or no risk.
    • Requests for personal or financial information via phone, email, or online.
    For a more detailed summary of red flags in relation to cryptocurrencies, please see Appendix 2.
  6. Securing Proper Reporting and Escalation: Establishment of clear procedures for employees to report suspected cases of fraud, elder abuse, or investment scams internally. System of incentives to encourage employees to escalate concerns to the appropriate authorities or senior management if necessary.
  7. Securing Proper and Time Efficient Collaboration with Authorities: Partnerships with law enforcement agencies, regulatory bodies, and elder protection organizations to be established in order to share information and coordinate efforts to combat fraud and elder abuse.
  8. Common Use of Technology and Tools: Implementation of fraud detection and prevention software that utilizes artificial intelligence and machine learning algorithms to detect anomalies and patterns indicative of fraud. Data analytics tools to be used to identify trends and anomalies in financial transactions. Employment of customer relationship management (CRM) systems to track interactions with clients and flag any unusual behavior or requests.
  9. Regular Audits and Reviews: Regular audits and reviews of internal controls and procedures to identify weaknesses and areas for improvement. Reviews of past cases of fraud, elder abuse, and investment scams to identify commonalities and update prevention measures accordingly. These are to be done internally and externally.
  10. Maintaining Continuous Improvement: Ongoing monitoring and updating policies, procedures, and training programs to adapt to evolving threats and regulatory requirements.

The Company assumes that by following this procedure and incorporating appropriate measures of control, pattern identification, and utilizing the mentioned tools, organizations can enhance their ability to detect and prevent fraud, elder abuse, and investment scams effectively.

II. Fraud Schemes

Fraud schemes can take various forms and can be perpetrated through different methods. While the specific patterns may vary depending on the type of fraud, there are several common patterns and indicators that can help identify potential fraudulent activities.

Here are key patterns listed, which must be looked out for:

  1. Unusual Account Activity:
    • Sudden or unexplained changes in account balances, such as large deposits or withdrawals, may indicate fraudulent activity.
    • Abrupt changes in transaction frequency or amounts that are inconsistent with the customer's typical behavior could be a red flag.
  2. Unauthorized Access:
    • Signs of unauthorized access to accounts, such as multiple failed login attempts or login from unfamiliar locations, may indicate attempted fraud.
  3. Identity Theft:
    • Requests to change account information or reset passwords without proper verification of identity may signal an attempt to commit identity theft.
  4. Social Engineering Tactics:
    • Social engineering tactics, such as phishing emails or phone calls impersonating legitimate organizations, are commonly used to trick individuals into revealing sensitive information or transferring funds.
  5. Account Takeover:
    • Unexplained changes in account ownership or authorized signatories without proper documentation could indicate an account takeover by fraudsters.
  6. Forgery or Falsification:
    • Instances of forged signatures, altered documents, or falsified information may be indicative of fraudulent activity.
  7. Wire Transfers to High-Risk Countries:
    • Large or frequent wire transfers to countries known for financial crime or money laundering activities may raise suspicions of fraud.
  8. Unsolicited Offers and Investment Scams:
    • Unsolicited offers promising unusually high returns with little or no risk, or pressure tactics to invest quickly, are common indicators of investment scams.
  9. Employee Collusion:
    • Collusion between employees and external parties to facilitate fraudulent transactions or cover up unauthorized activities may be detected through unusual patterns of communication or behavior.
  10. Mismatched Documentation:
    • Inconsistencies or discrepancies in documentation, such as address verification or identity proofing, may indicate attempts to deceive.
  11. Account Dormancy followed by Activity:
    • Accounts that have been dormant for an extended period suddenly becoming active with large transactions may indicate fraudulent activity.
  12. Phantom Employees or Vendors:
    • Payments to nonexistent employees or vendors, or inflated invoices for services not rendered, are common indicators of fraudulent schemes.

These are the most widely used patterns that may indicate fraudulent activity. It's essential to remain vigilant and continuously assess transactions and account activities for any anomalies or suspicious behavior. All employees must stay vigilant in order to secure operational activity of the Company.

III. Elder Abuse in Financial Services

Elder abuse related to fraud involves exploiting older adults for financial gain through deceptive or manipulative means. Recognizing patterns associated with elder financial exploitation requires vigilance and awareness of common tactics used by perpetrators.

Here are most often used patterns that may indicate elder abuse related to fraud:

  1. Unsolicited Offers and Scams: Elderly individuals may receive unsolicited offers through phone calls, emails, or mail promising prizes, lottery winnings, or investment opportunities with high returns and low risk. Scammers may use persuasive tactics to pressure elders into providing personal information, such as Social Security numbers, bank account details, or credit card information.
  2. Deceptive Marketing and Sales Practices: False advertising or deceptive sales pitches targeting older adults with products or services that are overpriced, unnecessary, or of poor quality. Misleading claims about the effectiveness or benefits of products, treatments, or services, particularly related to health and wellness.
  3. Identity Theft and Financial Fraud: Unauthorized use of an elder's personal or financial information to open credit accounts, apply for loans, or make purchases without their consent. Forged signatures on checks, legal documents, or financial transactions, often carried out by caregivers, family members, or acquaintances.
  4. Power of Attorney Abuse: Improper or abusive use of a power of attorney granted by an elderly individual to manage their financial affairs, such as unauthorized withdrawals, transfers, or changes to legal documents. Coercion or manipulation by individuals with power of attorney authority to gain control over the elder's assets or property.
  5. Investment Scams and Ponzi Schemes: Elderly individuals may be targeted by investment scams promising high returns with little or no risk, often involving fraudulent schemes such as Ponzi or pyramid schemes. Fraudsters may exploit the trust and vulnerability of older adults to convince them to invest in fraudulent ventures or financial products.
  6. Family Member or Caregiver Exploitation: Financial exploitation may occur when family members, caregivers, or trusted individuals abuse their position of trust to manipulate or control an elder's finances for their own benefit. This could include withholding funds, stealing cash or valuables, or coercing the elder into making financial decisions against their best interests.
  7. Isolation and Control: Perpetrators of elder financial abuse may isolate the victim from family, friends, or other sources of support to maintain control over their finances and prevent detection of the fraud.

Recognizing these patterns and staying informed about common scams and fraud tactics can help protect older adults from financial exploitation. Company's employees must be very vigilant in reviewing accounts that are opened or subsequently used with transaction monitoring. However, due to the nature of the products offered, it can be very difficult to detect any of the above fraud patterns in relation to older people.

IV. Investment Scams

Identifying investment scams requires a careful assessment of various factors and red flags that may indicate fraudulent activity.

Here are key indicators to help detect investment scams:

  1. Promises of High Returns with Low Risk: Investment opportunities that promise unusually high returns with little or no risk should raise suspicion. Legitimate investments typically involve some level of risk, and higher returns often correspond to higher risk.
  2. Guaranteed Returns or Consistent Profits: Scammers may guarantee consistent profits or returns on investments, regardless of market conditions or economic factors. In reality, investment returns can fluctuate, and there are no guarantees of profitability.
  3. Pressure to Invest Quickly: Fraudsters often use high-pressure sales tactics to create a sense of urgency and prompt individuals to invest hastily without conducting proper due diligence. They may claim limited availability or time-sensitive opportunities to pressure investors into making impulsive decisions.
  4. Unregistered Investments or Offshore Accounts: Investments that are not registered with relevant regulatory authorities or involve offshore accounts may be part of fraudulent schemes. Investors should verify the legitimacy of investment opportunities and ensure compliance with regulatory requirements.
  5. Lack of Documentation or Transparency: Legitimate investment opportunities typically provide detailed documentation, such as prospectuses, offering memoranda, or financial statements, to inform investors about the risks and terms of the investment. Lack of transparency or refusal to provide documentation should raise concerns.
  6. Complex or Unfamiliar Investment Products: Scammers may promote complex or obscure investment products that are difficult to understand or evaluate. Investors should be cautious of investments that lack transparency or involve unfamiliar concepts or structures.
  7. Unsolicited Offers or Cold Calls: Unsolicited offers or cold calls promoting investment opportunities should be treated with skepticism. Legitimate investment professionals typically do not engage in unsolicited sales tactics or pressure individuals to invest without proper consideration.
  8. Absence of Professional Credentials or Licensing: Investors should verify the credentials and licensing of individuals or firms offering investment advice or services. Professional designations, such as Certified Financial Planner (CFP), Chartered Financial Analyst (CFA), Chartered Accountants provide reassurance of expertise and adherence to ethical standards.

It's essential for investors to conduct thorough due diligence, seek advice from trusted financial professionals, and remain vigilant for potential signs of investment scams.

V. Tools and Technologies

To prevent fraud schemes, elder abuse, and investment scams, various tools and technologies can be utilized to enhance detection, prevention, and intervention efforts. Here are commonly used tools in combating these types of financial crimes:

  1. Fraud Detection and Prevention Software:
    • Advanced fraud detection software employs algorithms and machine learning techniques to analyze transactional data and identify patterns indicative of fraudulent activity.
    • These systems can flag suspicious transactions in real-time, helping financial institutions mitigate risks and prevent fraud.
  2. Identity Verification Solutions:
    • Identity verification tools use biometric authentication, document verification, and identity verification services to validate the identity of individuals conducting financial transactions.
    • By verifying the identity of customers and detecting potentially fraudulent identities, these tools help prevent identity theft and unauthorized account access.
  3. Transaction Monitoring Systems:
    • Transaction monitoring systems continuously monitor financial transactions for unusual or suspicious activity, such as large transactions, multiple transfers to unfamiliar accounts, or deviations from normal spending patterns.
    • These systems generate alerts for further investigation by compliance or security teams, enabling proactive fraud prevention measures.
  4. Customer Due Diligence (CDD) Solutions:
    • Customer due diligence solutions assist financial institutions in conducting thorough background checks and risk assessments on customers to identify potential fraud risks and comply with regulatory requirements.
    • These solutions may include customer screening against sanctions lists, politically exposed persons (PEP) databases, and adverse media sources.
  5. Data Analytics and Predictive Modeling:
    • Data analytics tools analyze large volumes of financial data to identify trends, anomalies, and patterns indicative of fraudulent behavior.
    • Predictive modeling techniques leverage historical data to forecast future fraud risks and optimize fraud prevention strategies.
  6. Cybersecurity Solutions:
    • Robust cybersecurity solutions, such as firewalls, intrusion detection systems, and endpoint protection software, safeguard against cyber threats and unauthorized access to sensitive financial information.
    • Encryption technologies protect data in transit and at rest, reducing the risk of data breaches and identity theft.
  7. Education and Awareness Programs:
    • Educational initiatives raise awareness among consumers, employees, and vulnerable populations about common fraud schemes, elder abuse tactics, and investment scams.
    • Training programs empower individuals to recognize warning signs, protect their financial assets, and report suspicious activities to relevant authorities.
  8. Regulatory Compliance Software:
    • Regulatory compliance software helps financial institutions adhere to anti-money laundering (AML), know your customer (KYC), and fraud prevention regulations by automating compliance processes, monitoring regulatory changes, and facilitating audit trails.
  9. Collaborative Platforms and Information Sharing Networks:
    • Collaborative platforms and information sharing networks enable financial institutions, law enforcement agencies, government authorities, and industry stakeholders to share intelligence, collaborate on investigations, and coordinate efforts to combat financial crimes effectively.
  10. Elder Abuse Prevention Tools:
    • Dedicated elder abuse prevention tools, such as elder financial abuse detection software or caregiver monitoring systems, help identify signs of financial exploitation, neglect, or mistreatment among vulnerable elderly populations.
    • These tools facilitate early intervention and support the protection of seniors' financial well-being.

VI. Typical Fraud Associated with Crypto Assets

Taking into consideration the main activity of the Company, a special section must be added which is related to frauds in crypto assets. Fraud in the crypto assets space encompasses a wide range of deceptive practices aimed at unlawfully obtaining funds or assets from individuals or entities involved in such transactions. Here are some common types of frauds related to crypto:

  1. Phishing: Fraudulent attempts to obtain sensitive information such as passwords, private keys, or account credentials by impersonating legitimate entities through fake websites, emails, or messages.
  2. Ponzi Schemes: Promise investors high returns but pay returns using funds from new investors rather than legitimate profits. The scheme becomes unsustainable and collapses, causing losses for later investors.
  3. Pyramid Schemes: Involve recruiting new participants into a hierarchical structure, promising returns for recruiting others, with payouts funded by new recruits.
  4. Exit Scams: Projects or platforms abruptly shut down and disappear with investors' funds, often after raising funds through ICOs or token sales.
  5. Impersonation Scams: Scammers impersonate reputable individuals, companies, or projects to deceive users into sending funds or divulging sensitive information.
  6. Malware and Hacking: Use of malware, ransomware, or hacking techniques to gain unauthorized access to wallets, exchanges, or devices, stealing credentials or funds.
  7. Fake Wallets and Exchanges: Creation of fake wallets or exchanges to trick users into depositing funds, which are then stolen.
  8. Fraudulent Trading Signals: Offering fraudulent trading signals or investment advice promising guaranteed profits or insider tips, often charging fees or encouraging trades based on false information.

VII. Procedure Related to Potential Fraud Detection

Detecting fraud is a serious matter that requires prompt and effective action to mitigate risks and ensure regulatory compliance. Here is a procedure of steps to follow when fraud has been detected:

  1. Initial Assessment:
    • Verify the legitimacy of the detected irregularity or suspicious activity.
    • Determine the scope and potential impact of the fraud.
  2. Secure Evidence: Preserve all relevant evidence related to the suspected fraudulent activity, including financial records, transaction logs, emails, and other documentation.
  3. Initiate Internal Investigation:
    • Conduct a thorough internal investigation to identify the root cause, individuals involved, and any systemic weaknesses.
    • Interview relevant employees and review documents and electronic data.
    • Engage external forensic experts if necessary.
  4. Implement Remedial Actions:
    • Take immediate steps to prevent further losses and mitigate risks.
    • Implement enhanced controls, procedures, and monitoring mechanisms.
  5. Notify Management and Board: Inform senior management and the board of directors with a detailed report.
  6. Consider Disciplinary Actions: Determine appropriate disciplinary actions for individuals involved, in accordance with company policies and laws.
  7. Review Compliance Obligations: Assess regulatory reporting requirements and ensure compliance with laws and regulations.
  8. Notify Stakeholders: Communicate with relevant stakeholders, such as customers, investors, and business partners, as appropriate.
  9. Review and Update Policies: Review and update policies, procedures, and controls to strengthen anti-fraud measures.
  10. Monitor and Review: Establish ongoing monitoring and review processes to detect and prevent fraud in the future.
  11. Document and Learn: Document all findings, actions taken, and lessons learned to inform future prevention efforts.
  12. Follow Up: Continuously monitor and follow up on remedial actions to ensure effectiveness and address residual risks.

The above steps may be tailored to the specific circumstances of the detected fraud. If third-party providers are involved, collaboration must be secured at every stage. The person conducting the investigation will have unrestricted access to all records, systems, and employees as needed. Employees under investigation may be restricted from accessing company resources until investigations are complete. The company reserves the right to question any relevant parties. These procedures also apply to subcontractors.

VIII. Confidentiality

The Company treats all received information confidentially. Any employee who suspects dishonest or fraudulent activity will notify the Management Board (or designated person) immediately and should not attempt to personally conduct investigations or interviews related to any suspected fraudulent act.

Investigation results will not be disclosed or discussed with anyone other than those who have a legitimate need to know. This is important to avoid damaging the reputations of persons suspected but subsequently found innocent and to protect the Company.

Appendix 1: Fraud Response Procedure for Virtual Asset Service Providers (VASPs)

This document outlines the step-by-step procedure for Virtual Asset Service Providers (VASPs) to follow upon detecting or suspecting fraudulent activity. The procedure ensures compliance with regulatory requirements, minimizes risks, and maintains trust with stakeholders. Please see the additional procedure guidelines related to Law Enforcement Queries in the AML Policy. This procedure is related to all applicable scenarios when fraudulent activity is detected internally.

I. Initial Detection and Reporting

  1. Identification of Suspicious Activity:
    • Automated monitoring systems
    • Employee observations or whistleblower reports
    • Alerts from regulatory bodies or law enforcement
  2. Reporting Mechanism:
    • The employee or system that detects the fraud must report it immediately through the designated channels:
    • Internal reporting system - mailbox: support@softmask.eu
    • Direct supervisor and/or Management Board member
  3. Initial Assessment:
    • The designated employee performs a preliminary review to validate the report's credibility, determine the potential scope and impact, and prioritize cases based on severity.

II. Securing Evidence

  1. Preservation of Data: All relevant data must be secured, including documentation obtained from the user, transaction logs, user communications, and system access records. This is done by creating a separate folder with the client ID on the shared drive and saving all relevant data as PDFs.
  2. Access Control: Restrict access to accounts, systems, or assets involved in the suspected fraud to prevent further losses or tampering. Document this action and add it to the created folder.
  3. Collaboration with Forensic Experts (if applicable): Engage external forensic specialists for advanced data recovery, blockchain analytics, or cryptographic investigations as needed. Document all actions and findings.

III. Investigation

  1. The designated employee collaborates with various departments to obtain full information.
  2. Analyze transaction patterns and account activity, review KYC documentation and user profiles, and trace asset movements using blockchain analysis tools.
  3. Record all findings, including the nature of the fraud, methods used, and individuals or systems involved.

IV. Mitigation Measures

  1. Immediate actions: Freeze accounts associated with fraudulent activity, revoke system access for those involved, and notify affected users if applicable.
  2. Additional containment: Isolate the fraudulent activity and temporarily disable vulnerable systems or services if required.

V. Notification and Reporting

  1. Internal notification: Inform the Management Board or direct supervisor in writing (email).
  2. External reporting: Notify regulatory authorities as required and provide reports to law enforcement if the fraud involves criminal activity.
  3. Customer communication: Issue a formal communication to affected customers, detailing the nature of the incident and steps taken to mitigate the impact.

VI. Post-Incident Actions

  1. Review and analysis: Conduct a root cause analysis within two weeks and evaluate the effectiveness of amended fraud detection and response systems.
  2. Policy and procedure updates: Update internal policies and procedures based on lessons learned and enhance monitoring systems.
  3. Training and awareness: Conduct targeted training for employees to identify new fraud patterns and reinforce reporting mechanisms.

Roles and Responsibilities

  • Employees: Identify and report suspicious activity promptly; cooperate fully with the designated employee conducting the investigation.
  • Designated employee: Lead investigations, coordinate with relevant departments, and ensure compliance with legal and regulatory obligations.
  • Management: Support the investigation, allocate necessary resources, and approve updates to policies and systems.

Appendix 2: Red Flags for Crypto

The Financial Action Task Force (FATF) released a report highlighting red flag indicators of money laundering and terrorist financing specifically aimed at virtual assets. These indicators are grouped into six categories:

  • Transactions
  • Transaction patterns
  • Anonymity
  • Senders or recipients
  • Source of funds or wealth
  • Geographical risks

Transactions

  • Structuring transactions in small amounts or just under reporting thresholds.
  • High-value transactions in a short period, or in staggered/regular patterns.
  • Depositing funds suspected as stolen or fraudulent into crypto wallets.
  • Transferring virtual assets to jurisdictions with weak AML/CFT regulation or no plausible relation to the customer.
  • Withdrawing virtual funds without in-between transactions, especially if incurring fees, or converting assets into multiple different assets without logical business explanation.

Transaction Patterns

  • New accounts opened with large initial deposits traded away shortly afterwards.
  • New accounts funded with amounts inconsistent with the user's profile.
  • Transactions involving multiple assets or accounts with no logical business explanation.
  • Crypto transactions resulting in a loss of money due to account fees.
  • Repeated exchanges of fiat to crypto without logical business explanation, and small amounts from numerous wallets instantly relocated or removed.

Anonymity

  • Moving assets from a public blockchain to a centralized exchange and then to a private or anonymous coin.
  • Transactions involving highly anonymous currencies that incur additional, unjustifiable fees.
  • Significant volume of peer-to-peer transactions involving mixing services without justification.
  • Operating as unregistered or unlicensed service providers for others on peer-to-peer sites, charging higher fees than traditional exchanges.
  • Use of decentralized exchanges to transfer assets across borders.
  • Funds entering wallets from IP addresses associated with darknet or similar software.
  • Multiple, unrelated wallets controlled from the same IP address.
  • Sending/receiving funds from service providers with weak or non-existent CDD/KYC processes.
  • Use of virtual currency ATMs/kiosks in high-risk locations.

Senders or Recipients

  • Creating multiple accounts under different names to circumvent restrictions.
  • Transactions from non-trusted IP addresses or sanctioned jurisdictions.
  • Internet domain registrations in different jurisdictions or those with weak controls.
  • Incomplete or insufficient KYC information, or refusal to provide documents or information regarding the source of funds.
  • Supplying forged documents as part of onboarding.
  • Lack of knowledge about the transaction, source of funds, or client relationship.
  • Credentials shared by another account.
  • Discrepancies between customer's IP address and transaction IP.
  • Customer details appearing on public forums associated with illegal activity.
  • Customer known to law enforcement for criminal activity.
  • Senders unfamiliar with crypto technology.
  • Significantly older customers engaging in many transactions.
  • Vulnerable customers dealing in high-risk transactions.
  • Purchasing large amounts of assets inconsistent with financial profile.
  • Regularly changing personal details or using multiple IP addresses in a short period.
  • Language in transaction message fields indicating illicit activity.
  • Repeated transactions with certain individuals at significant profit or loss.

Source of Funds or Wealth

  • Transactions originating from or sent to online gambling services.
  • Transactions with accounts linked to fraud, extortion, ransomware, darknet marketplaces, illicit websites, or sanctioned addresses.
  • Significant deposits out of profile with unknown source of funds.
  • Large deposits into wallets immediately withdrawn as fiat currency.
  • Wallets linked to multiple credit/debit cards frequently withdrawing large amounts of fiat.
  • Majority of wealth derived from crypto investments or ICOs.
  • Funds received directly from mixing services or wallet tumblers.

Geographical Risks

  • Funds deriving from or sent to a different jurisdiction than the user's location.
  • Using crypto services in high-risk jurisdictions with limited or no AML regulations.
  • Relocating workplace to high-risk jurisdictions with limited or no AML regulations.