SPS DAO Foundation Know Your Customer (KYC) and Anti-Money Laundering (AML) Policy

Effective Date: May 13, 2025

1. Purpose

This Know Your Customer (KYC) and Anti-Money Laundering (AML) Policy outlines SPS DAO Foundation's commitment to preventing money laundering, terrorist financing, fraud, and other financial crimes. The policy ensures compliance with applicable laws, regulations, and industry standards, including the Bank Secrecy Act (BSA), USA PATRIOT Act, Financial Action Task Force (FATF) recommendations, and relevant local regulations. It establishes procedures for customer identification, due diligence, transaction monitoring, and reporting suspicious activities to safeguard the integrity of the financial system and protect SPS DAO Foundation and its customers.

2. Scope

This policy applies to all employees, contractors, agents, and third-party partners of SPS DAO Foundation involved in onboarding customers, processing transactions, or managing customer relationships. It covers all customers, including individuals, legal entities, and beneficial owners, across all products and services offered by SPS DAO Foundation.

3. Definitions

  • KYC (Know Your Customer): Procedures to verify the identity, suitability, and risk profile of customers to prevent financial crimes.
  • AML (Anti-Money Laundering): Laws, regulations, and processes to detect, prevent, and report money laundering activities.
  • CDD (Customer Due Diligence): The process of collecting and verifying customer information to assess their risk profile.
  • EDD (Enhanced Due Diligence): Additional scrutiny for high-risk customers, such as politically exposed persons (PEPs) or those in high-risk jurisdictions.
  • SAR (Suspicious Activity Report): A report filed with authorities (e.g., FinCEN in the U.S.) when suspicious transactions are detected.
  • Beneficial Owner: An individual who owns or controls 25% or more of a legal entity or exercises significant control over it.

4. Policy Statement

SPS DAO Foundation is committed to maintaining a robust KYC/AML program that:

  • Identifies and verifies customer identities.
  • Assesses and monitors customer risk profiles.
  • Detects and reports suspicious activities.
  • Complies with all applicable AML/CTF laws and regulations.
  • Trains employees to recognize and address financial crime risks.

5. KYC Procedures

5.1 Customer Identification Program (CIP)

SPS DAO Foundation will implement a risk-based CIP to verify the identity of all customers before providing services. The CIP includes:

  • Individual Customers:
    • Collect: Full name, date of birth, residential address, and government-issued identification number (e.g., passport, driver’s license).
    • Verify: Using reliable, independent sources (e.g., government-issued ID, utility bills, or electronic verification systems).
  • Legal Entities:
    • Collect: Business name, registration number, registered address, and details of beneficial owners (individuals owning ≥25% or exercising control).
    • Verify: Using corporate registries, articles of incorporation, or third-party verification services.
  • Methods:
    • Documentary: Original or certified copies of IDs, proof of address (e.g., utility bills <3 months old).
    • Non-Documentary: Cross-referencing with public databases, credit bureaus, or biometric verification.
    • Electronic: Use of trusted eKYC platforms for real-time identity checks.

5.2 Customer Due Diligence (CDD)

CDD is conducted to understand the nature of the customer’s activities and assess their risk profile:

  • Standard CDD:
    • Verify customer identity and beneficial owners.
    • Understand the purpose and intended nature of the business relationship.
    • Assess the source of funds and expected transaction patterns.
  • Ongoing CDD:
    • Monitor customer transactions for consistency with their risk profile.
    • Update customer information periodically (e.g., every 1–3 years, based on risk).
    • Maintain records of CDD measures for at least 5 years, as required by law.

5.3 Enhanced Due Diligence (EDD)

EDD is applied to high-risk customers, including:

  • Politically Exposed Persons (PEPs).
  • Customers in high-risk jurisdictions (per FATF or OFAC lists).
  • Customers in high-risk industries (e.g., cryptocurrency, gambling, money services).
  • Accounts with unusual activity (e.g., large cash deposits, frequent cross-border transfers).

EDD Measures:

  • Obtain additional documentation (e.g., source of wealth, bank statements).
  • Conduct adverse media screening and sanctions list checks.
  • Perform site visits or interviews for legal entities, if necessary.
  • Increase transaction monitoring frequency.

6. AML Procedures

6.1 Transaction Monitoring

SPS DAO Foundation will implement systems to monitor customer transactions for suspicious activity:

  • Real-Time Monitoring: Use automated tools to flag transactions exceeding thresholds (e.g., cash deposits >$10,000 in the U.S.) or deviating from expected patterns.
  • Behavioral Analytics: Employ AI-driven tools to detect anomalies, such as rapid fund transfers or layering patterns.

Red Flags:

  • Multiple small deposits to avoid reporting thresholds (structuring).
  • Transactions with high-risk jurisdictions or sanctioned entities.
  • Activity inconsistent with the customer’s stated purpose or profile.
  • Use of shell companies or complex ownership structures to obscure beneficial owners.

6.2 Suspicious Activity Reporting

  • Internal Reporting: Employees must report suspicious activities to the AML Compliance Officer within 24 hours.
  • SAR Filing: If a transaction is deemed suspicious, SPS DAO Foundation will file a Suspicious Activity Report (SAR) with the relevant authority (e.g., FinCEN in the U.S.) within 30 days, per regulatory requirements.
  • Confidentiality: SAR filings and related information will remain confidential, except as required by law.

6.3 Recordkeeping

  • Retain all KYC/AML records, including customer identification documents, transaction records, and SARs, for a minimum of 5 years (or longer, per local regulations).
  • Ensure records are securely stored and accessible for regulatory audits.

7. Risk Assessment

SPS DAO Foundation will conduct an annual AML risk assessment to identify vulnerabilities, including:

  • Customer risk (e.g., PEPs, high-risk industries).
  • Geographic risk (e.g., operations in FATF grey-listed countries).
  • Product/service risk (e.g., virtual assets, cross-border payments).

The assessment will inform updates to KYC/AML policies and controls.

8. Roles and Responsibilities

8.1 AML Compliance Officer

The AML Compliance Officer is responsible for:

  • Development and enforcement of policies and procedures.
  • Employee training and awareness.
  • Coordination with regulatory authorities and auditors.
  • Review and investigation of suspicious activity reports.

8.2 Employees

  • Complete mandatory KYC/AML training upon onboarding and annually.
  • Report suspicious activities to the AML Compliance Officer promptly.
  • Adhere to all KYC/AML procedures during customer interactions.

8.3 Senior Management

  • Approve the KYC/AML policy in writing.
  • Allocate resources for compliance, including technology and training.
  • Review periodic reports from the AML Compliance Officer.

9. Training

  • Frequency: All relevant employees will receive KYC/AML training annually and upon significant regulatory changes.
  • Content: Training will cover:
    • AML/CTF laws and regulations.
    • Recognizing red flags and suspicious activities.
    • KYC procedures and documentation requirements.
    • Case studies of money laundering and terrorist financing.
  • Certification: Employees must complete training and pass an assessment to demonstrate understanding.

10. Third-Party Reliance

SPS DAO Foundation may rely on third parties (e.g., KYC service providers) for certain KYC/AML functions, provided:

  • The third party is subject to AML regulations and overseen by a competent authority.
  • A written agreement outlines responsibilities and compliance obligations.
  • SPS DAO Foundation remains liable for ensuring compliance and may audit third-party performance.

11. Sanctions Compliance

  • Screen customers and transactions against sanctions lists (e.g., OFAC, UN, EU) during onboarding and ongoing monitoring.
  • Decline or terminate relationships with sanctioned individuals, entities, or jurisdictions.
  • Report any matches to the AML Compliance Officer for further investigation.

12. Independent Audits

  • Conduct an independent audit of the KYC/AML program annually or as required by regulators.
  • Address audit findings promptly and update policies as needed.

13. Reporting and Cooperation

  • Cooperate fully with regulatory authorities and law enforcement in investigations.
  • Submit required reports, such as Currency Transaction Reports (CTRs) for cash transactions >$10,000 (U.S.) or equivalent thresholds in other jurisdictions.
  • Maintain open communication with regulators to stay informed of updates.

14. Policy Updates

  • Review and update this policy annually or upon significant regulatory changes.
  • Communicate updates to all employees and stakeholders.

15. Non-Compliance

  • Failure to comply with this policy may result in disciplinary action, up to and including termination.
  • Non-compliance may also expose SPS DAO Foundation to regulatory penalties, reputational damage, and legal consequences.

16. Contact Information

For questions or to report suspicious activity, contact:
AML Compliance Officer: Benjamin Holliday
Email: thepeoplesguildspl@gmail.com