logo
Sign InSign Up
Follow Us
About UsAPI DocKYC DisclaimerContact UsRisk DisclosureUser AgreementAML PolicyPrivacy PolicyLegal DisclaimerFee RatesFutures Trading Voucher Rules

Copyright © 2026 COINMY

  • About Us
  • API Doc
  • KYC Disclaimer
  • Contact Us
  • Risk Disclosure
  • User Agreement
  • AML Policy
  • Privacy Policy
  • Legal Disclaimer
  • Fee Rates
  • Futures Trading Voucher Rules

AML Policy

2024-10-19 16:00:00

Dear Global Coinmy Users:

Please read Coinmy's AML (Anti-Money Laundering) and KYC (Know Your Customer) Policies carefully.

Coinmy's AML/KYC Policies and Procedures

This policy addresses Coinmy's Anti-Money Laundering and Countering the Financing of Terrorism (AML/KYC) policies and procedures. This policy is intended for general information purposes only and does not create any legal obligation on Coinmy and/or any other person (natural or otherwise).

A. Coinmy AML/KYC Operating Principles and Methods

Coinmy is committed to supporting AML/KYC operations. In principle, we commit to:

Conducting due diligence when dealing with our customers and natural persons appointed to act on behalf of our customers;

Developing business in accordance with high ethical standards and, to the extent possible, preventing the establishment of any business relationships that are related to or could facilitate money laundering or the financing of terrorism;

We will provide the utmost assistance and cooperate with relevant legal authorities to prevent the threats of money laundering and the financing of terrorism.

B. Coinmy's Risk Assessment and Risk Mitigation Methods

Risk Assessment

We anticipate that most of our customers will be retail customers, and as of the date of this policy, we will primarily operate in the Republic of Seychelles.

In this regard, we will:

a. Document and/or collect documentation regarding:

The identity of our customers;

The country or jurisdiction from which our customers originate or where they are located; and

b. Based on our knowledge, skills, and abilities, ensure that our customers, related parties of our customers, natural persons appointed to act on behalf of our customers, and beneficial owners of our customers are assessed and screened with the assistance of designated lists of individuals and entities, including (but not limited to) the following categories:

Democratic People's Republic of Korea;

Democratic Republic of the Congo;

Iran;

Libya;

Somalia;

South Sudan;

Sudan;

Yemen;

UN1267/1989 Al-Qaida Sanctions List;

UN1988 Taliban Sanctions List;

Persons identified in Schedule 1 to the Terrorism (Suppression of Financing) Act (Cap. 325).

Risk Mitigation

If discovered, we will not deal with any person on the designated list of individuals and entities.

C. Our Approach to New Products, Practices, and Technology

We shall provide appropriate advice on the identification and assessment of potential money laundering and terrorism financing risks that may arise from:

The development of new products and new business practices, including new delivery mechanisms;

The use of new or developing technologies for new and existing products.

We will pay particular attention to new products and new business practices, including new delivery mechanisms, and new or developing technologies that facilitate anonymity, such as digital tokens that facilitate anonymity (whether they are security, payment, and/or utility tokens).

D. Our Customer Due Diligence Methods (CDD)

We will not open, maintain, or accept anonymous accounts or accounts in obviously fictitious names (pseudonymous accounts).

We will not establish a business relationship or carry out a transaction for a customer if we have any reasonable grounds to suspect that the customer's assets or funds are the proceeds of drug dealing or criminal conduct. We will file a Suspicious Transaction Report (STR) for such transactions and provide a copy to the relevant financial intelligence unit.

We shall perform CDD in the following situations:

When we establish a business relationship with any customer;

When we carry out a transaction for any customer with whom we have not established a business relationship;

When we receive cryptocurrency via transfer for a customer with whom we have not established a business relationship;

When we suspect money laundering or the financing of terrorism;

When we doubt the veracity or adequacy of any information.

Where we suspect that 2 or more transactions are or may be related or connected, or have been deliberately restructured into smaller transactions to evade AML/CFT measures, we shall treat the transactions as a single transaction and aggregate their value to comply with AML/CFT principles.

Certifying Our Customers

We will certify each of our customers.

To certify our customers, we must know at least:

Their full name, including aliases;

Their unique identification number (e.g., identity card number, birth certificate number, or passport number, or their business registration number if the customer is not a natural person);

Their registered address, or their registered business address (if applicable), or their principal place of business if the registered address and business address are different;

Their date of birth, incorporation, or registration;

And their nationality or place of registration.

If the customer is a legal person, in addition to obtaining the above-mentioned relevant information, we shall also determine its legal form, constitutive documents, and the powers that govern and bind the legal person. We shall also identify its related parties (e.g., directors, partners, and/or persons with executive authority) by obtaining at least the following information for each related party:

Full name, including aliases;

And unique identification number, e.g., the related party's identity card number, birth certificate number, or passport number.

Verifying Customer Identity

We will use reliable, independent source data, documents, or information to verify the identity of our customers. If our customer is a legal person or legal arrangement, we will use reliable, independent source data, documents, or information to verify the legal form, proof of existence, constitutive documents, and the powers that govern and bind the customer.

Identifying and Verifying the Identity of Natural Persons Appointed to Act

a. Customer Representatives

If the customer appoints one or more natural persons to represent them in establishing a business relationship with us, or if the customer is not a natural person, we will:

Identify each natural person acting or appointed to act on behalf of the customer by obtaining the following information:

Their full name;

Their unique identification number;

Residential address;

Date of birth;

Nationality;

And verify the identity of the said natural person using reliable, independent source data, documents.

We shall also verify the appropriate authority of each natural person designated to act on behalf of our customer by obtaining the following information:

Appropriate written evidence of the authority for our customer to designate such a natural person;

Signature specimen of each natural person.

If the customer is a government entity, we will only obtain the information that may be necessary to confirm that the customer is the claimed government entity.

Identifying and Verifying Beneficial Owners

We will inquire whether there are any beneficial owners associated with the customer.

If the customer has 1 or more beneficial owners, we will identify the beneficial owners and take reasonable measures to verify the identity of the beneficial owners using relevant information or data obtained from reliable, independent sources. We should:

If the customer is a legal person —

Determine the natural person(s) who ultimately own the legal person (whether acting alone or jointly);

If there is doubt about whether the natural person who ultimately owns the legal person is the beneficial owner, or if there is no natural person who ultimately owns the legal person, then determine the natural person(s) who ultimately control or own the legal person (as applicable) or exercise ultimate effective control over the legal person; and

If no natural person is determined, then determine the natural person(s) who hold executive authority in such a legal person;

If the customer is a legal arrangement —

In the case of a trust, identify the settlor, the trustee, the protector (if applicable), the beneficiaries, and any natural person exercising ultimate ownership, ultimate control, or ultimate effective control over the trust; and

For other types of legal arrangements, identify persons in equivalent positions.

If our customer is not a natural person, we will determine the nature of the customer's business, and the ownership and control structure.

We will be required to confirm the identity of a customer's beneficial owner if the customer is:

An entity listed on a stock exchange;

An entity listed on a stock exchange and subject to regulatory disclosure requirements; and adequate transparency requirements concerning its beneficial owners;

A financial institution;

A financial institution that is subject to and supervised for compliance with AML/CFT requirements consistent with FATF standards; or

An investment vehicle managed by a financial institution, or subject to AML/CFT requirements consistent with FATF standards;

Unless we suspect the veracity of the CDD information, or suspect that our customer, the business relationship with the customer, or a transaction carried out for the customer may be related to money laundering or terrorism financing.

We will also record the basis on which we made our determination.

Information on the Purpose and Intended Nature of Business Relationships and Transactions Without Account Opening

When processing an application to establish a business relationship or an unannounced transaction, we shall understand and, where appropriate, obtain information from the customer about the purpose and intended nature of the business relationship or transaction.

Reviewing Transactions Carried Out Without Account Opening

If we carry out one or more transactions for a customer without opening an account (current transaction), we will review the customer's previously carried out transactions to ensure that the current transaction is consistent with our knowledge of the customer, their business and risk profile, and source of funds.

When we establish a business relationship with a customer, the payment service provider should review all transactions prior to the establishment of the business relationship to ensure that the business relationship is consistent with our knowledge of the customer, their business and risk profile, and source of funds.

We will pay particular attention to all complex, unusually large, or unusual patterns of transactions carried out without account opening that have no obvious economic purpose. We will investigate the background and purpose of the aforementioned transactions where possible and record our findings so that this information can be provided to the relevant authorities if needed.

For the purpose of reviewing transactions carried out without account opening, we will establish and implement appropriate systems and processes commensurate with the size and complexity of the payment service provider to:

Monitor its transactions carried out without opening an account for a customer; and

Detect and report suspicious, complex, unusually large, or unusual patterns of transactions carried out without an account.

If there are reasonable grounds to suspect that a transaction carried out by a customer without account opening is related to money laundering or the financing of terrorism, and we deem it appropriate to proceed with the transaction, the payment service provider shall confirm and document the reasons for proceeding.

Ongoing Monitoring

We will continuously monitor the business relationship with the customer. During the course of the business relationship with the customer, we will observe the operation of the customer's accounts and review transactions throughout the business relationship to ensure that the transactions are consistent with our knowledge of the customer, their business and risk profile, and, where appropriate, their source of funds.

If a transaction involves transferring cryptocurrency to or receiving cryptocurrency from the following entities, we will implement our risk mitigation measures:

Financial institutions;

Or financial institutions that are subject to and supervised for compliance with AML/CFT requirements consistent with FATF standards.

We will pay particular attention to all complex, unusually large, or unusual patterns of transactions carried out throughout the business relationship that have no obvious economic or lawful purpose. We will investigate the background and purpose of the aforementioned transactions where possible and record our findings so that this information can be provided to the relevant authorities if needed.

For the purpose of ongoing monitoring, we will establish and implement appropriate systems and processes commensurate with the size and complexity of the payment service provider to:

Monitor its business relationship with customers; and

Detect and report suspicious, complex, unusually large, or unusual patterns of transactions carried out throughout the business relationship.

We will ensure that the CDD data, documents, and information obtained regarding the customer, the natural person(s) appointed to act on behalf of the customer, the related parties of the customer, and the beneficial owners of the customer remain relevant and are kept up-to-date, in particular for higher-risk categories of customers, through reviewing existing CDD data, documents, and information.

If there are any reasonable grounds to suspect that an existing business relationship with a customer is related to money laundering or terrorism financing, and we deem it appropriate to retain the customer:

We will confirm and document the reasons for retaining the customer; and

The business relationship with the customer shall be subject to corresponding risk mitigation measures, including enhanced ongoing monitoring.

When we assess a customer or the business relationship with a customer as high-risk, the payment service provider shall adopt enhanced CDD measures, including obtaining approval from our senior management to retain the customer.

CDD Measures for Non-Face-to-Face Business Relationships or Transactions

We will establish policies and procedures to address any specific risks associated with non-face-to-face business relationships with customers or non-face-to-face transactions carried out without opening an account for the customer (non-face-to-face contact).

We will implement the policies and procedures when establishing a business relationship with the customer and performing ongoing due diligence.

If there is no face-to-face contact, the payment service provider should implement CDD measures that are at least as stringent as those required when there is face-to-face contact.

When the payment service provider conducts the first non-face-to-face business contact, the payment service provider shall, at its own expense, engage an external auditor or an independent qualified consultant to assess the effectiveness of the policies and procedures, including the effectiveness of any technological solution used to manage the risk of impersonation.

We will appoint an external auditor or an independent qualified consultant to assess new policies and procedures and submit the assessment report to the Authority within one year of the policies and procedures' change implementation.

Reliance of Acquiring Payment Service Provider on Measures Already Taken

When we (the acquiring payment service provider) acquire all or part of the business of another payment service provider, we will implement measures for customers obtained through that business at the time of acquisition, unless the acquiring payment service provider:

Simultaneously obtains all corresponding customer records (including CDD information) and has no doubts or concerns regarding the accuracy or adequacy of the information obtained; and

Conducted due diligence that did not raise any questions regarding the adequacy of the AML/CFT measures taken by the acquired payment service provider in respect of the business or part of the business now acquired by the acquiring payment service provider, and documented such a process.

Measures for Non-Account Holders

If we carry out a transaction for any customer with whom we have no other business relationship,

we will:

Implement CDD measures as if the customer had applied to the payment service provider to establish a business relationship; and

Record sufficient details of the relevant transaction to reconstruct the transaction, including the nature and date of the transaction, the type and amount of currency involved, the value date, and details of the payee or beneficiary.

Timing of Verification

We shall complete the verification of the identity of the customer, the natural person(s) designated to act on behalf of the customer, and the beneficial owners of the customer before the occurrence of any of the following:

The payment service provider establishes a business relationship with the customer;

The payment service provider carries out any transaction for the customer where the customer has not established a business relationship with the payment service provider;

Or the payment service provider facilitates or receives digital payment tokens via value transfer for the customer, where the customer has not established a business relationship with the payment service provider.

In the following circumstances, our provider may establish a business relationship with the customer before completing the verification of the identity of the customer, the natural person(s) designated to act on behalf of the customer, and the beneficial owners of the customer:

Deferring the completion of verification is essential so as not to interrupt the normal conduct of commercial operations; and

The risks of money laundering and terrorism financing can be effectively managed by the payment service.

If we establish a business relationship with a customer before verifying the identity of the customer, the natural person(s) instructed to act on behalf of the customer, and the beneficial owners of the customer, we shall take the following steps:

Establish and implement internal risk management policies and procedures that prescribe the conditions for establishing such a business relationship before identity verification.

Complete identity verification as soon as reasonably possible.

If Measures are Not Completed

If we are unable to complete the measures as required, we shall not commence or continue a business relationship with any customer or execute any transaction for any customer.

If we are unable to complete these measures, the payment service provider shall consider whether the circumstances are suspicious and whether it is necessary to file a Suspicious Transaction Report.

The completion of measures means that the payment service provider has obtained, screened, and verified (including delayed verification as described in paragraphs 6.43 and 6.44) all necessary customer identification information prescribed in paragraphs 6, 7, and 8, and the payment service provider has received satisfactory answers to all inquiries related to this necessary customer identification information.

Joint Accounts

For joint accounts, we shall treat each of the joint account holders as an individual customer of the payment service provider and take customer due diligence measures in respect of them.

Screening

We shall screen customers, natural persons designated to act on behalf of customers, related parties of customers, and beneficial owners of customers against information sources concerning money laundering and the financing of terrorism and lists and information provided by the Authority to determine whether there is any risk of money laundering or the financing of terrorism posed by the customer.

We will conduct screening for the following situations and for the following persons:

When we establish a business relationship with the customer (or as soon as reasonably practicable after establishing the business relationship).

Before we execute any transaction for a customer with whom we have not established a business relationship.

Before we facilitate or receive digital assets via value transfer for a customer with whom we have no other business relationship.

Periodically after we establish a business relationship with the customer; and

Whenever there are any changes or updates to:

Lists and information provided by the Authority to the payment service provider; or

Natural persons designated to act on behalf of the customer, its related parties, or beneficial owners.

We will screen all value transfer originators and value transfer beneficiaries based on lists and information provided by the Authority to determine whether there is a risk of money laundering or the financing of terrorism and record the results of all screenings.

E. Our Approach to Enhanced Customer Due Diligence

Politically Exposed Persons (PEPs)

We shall use all reasonable means to determine whether a customer, any natural person instructed to act on behalf of the customer, any related party of the customer, or any beneficial owner of the customer or their family members or close associates is a Politically Exposed Person (PEP).

If the customer or any beneficial owner of the customer or their family members or close associates is determined by us to be a PEP, in addition to the regular CDD measures, we shall execute at least the following Enhanced Due Diligence measures:

Obtain senior management approval for establishing and continuing the business relationship with the customer.

Determine the source of wealth and source of funds of the customer and any of their beneficial owners by reasonable means.

During the course of the business relationship with the customer, enhance supervision of our business relationship with the customer. For any transaction that appears unusual, we shall elevate the monitoring level and upgrade the positioning of the monitoring nature.

Higher Risk Categories

We recognize that circumstances where a customer has or may have a higher risk of money laundering or terrorism financing include, but are not limited to, the following situations:

If a customer or any beneficial owner of the customer originates from or is located in a country/region or jurisdiction that the Financial Action Task Force (FATF) requires to apply countermeasures for AML/CFT, the payment service provider shall treat any business relationship or transaction with any such customer as posing a higher risk of money laundering or terrorism financing.

If a customer or any beneficial owner of the customer originates from or is located in a country/region or jurisdiction that the payment service provider has determined itself, or has been notified by the Authority or other foreign regulatory authorities, to have deficient AML/CFT measures, the payment service provider shall assess whether any such customer poses a higher risk of money laundering or terrorism financing.

We shall adopt enhanced CDD measures for customers that pose a higher risk of money laundering or terrorism financing, or any customer that the Authority notifies us poses a higher risk of money laundering and terrorism financing.

F. Handling of Bearer Negotiable Instruments and Cash Payment Restrictions

We will not make any payments in the form of bearer negotiable instruments.

We will not pay any amount of cash in the course of our business operations.

G. Value Transfer Methods (To be implemented when required)*

If we are the Originating Institution, before executing a value transfer, we shall:

Identify the originator and take reasonable measures to verify their identity (if this measure has not been previously taken).

Sufficiently record the details of the value transfer, including but not limited to the date of the value transfer, the type and value of the digital asset transferred, and the value date.

If we are the Originating Institution, the memorandum or payment instructions attached to or associated with the value transfer shall state:

The originator's name.

The originator's account number (or unique transaction reference number, if applicable).

The beneficiary's name.

The beneficiary's account number (or unique transaction reference number, if applicable).

Value Transfers Exceeding a Specific Threshold

If we are the Originating Institution, for value transfers exceeding a specific threshold, we shall identify and verify the originator's identity, including the memorandum or payment instructions attached to or associated with the value transfer, and the following:

The originator's residential address; or

The originator's registered address or business address (if the addresses are different, the principal place of business should also be noted).

The originator's unique identification number; or

The originator's date and place of birth, and the registration or incorporation of the value transfer.

We shall immediately submit all information of the value transfer originator and value transfer beneficiary to the Beneficiary Institution in a secure manner and record all such information. If we, as the Originating Institution, are unable to meet the requirements, we will not execute the value transfer.

If we are the Beneficiary Institution:

We shall take reasonable measures to identify value transfers that lack the necessary value transfer originator or value transfer Beneficiary Institution information.

If we, as the Beneficiary Institution, pay the value of the transferred digital assets to the value transfer beneficiary in cash or cash equivalents, we shall identify and verify the identity of the value transfer beneficiary (if their identity has not been previously verified).

Before executing the value transfer, we shall always review the circumstances where information about the value transfer originator or value transfer beneficiary is missing and record our subsequent actions.

If we are the Intermediary Institution:

We will retain all information related to the value transfer.

If we, as the Intermediary Institution, execute a value transfer to another Intermediary Institution or Beneficiary Institution, we shall immediately provide the information attached to that value transfer to the other Intermediary Institution or Beneficiary Institution in a secure manner.

If we are the Intermediary Institution receiving the value transfer, we shall retain all information received from the Originating Institution or other Intermediary Institutions for at least five years.

We shall take reasonable measures to identify value transfers that lack the necessary originator or beneficiary information during straight-through processing.

H. Record Keeping

We will retain appropriate records as required for at least 5 years.

I. Personal Data

We will protect customer's personal data in the prescribed manner.

J. Suspicious Transaction Report (STR)

We will notify the relevant authorities and file a Suspicious Transaction Report in accordance with the law. We will also retain all records and transactions related to all such transactions and STRs.

K. Our Compliance, Audit, and Training Policies

Among other measures, we will appoint an AML/CFT Compliance Officer at the management level, maintain independent audit capabilities, and take active measures to regularly train employees on AML/CFT.

Enterprise-Wide ML/TF Risk Assessment

We will conduct an enterprise-wide money laundering/terrorism financing risk assessment in three phases:

Phase 1: Inherent Risk Assessment

We will assess the inherent risks related to:

Customers or Entities: We shall assess the customers and/or entities we deal with.

Products or Services: We should be aware of whom we provide cryptocurrency OTC services to.

Geographical Scale: We must not deal with customers on the designated list of individuals and entities.

Phase 2: Assessment of Risk Control Measures

We will assess the risk control measures related to the above circumstances. We will monitor any and/or all customers we deem suspicious and conduct enhanced due diligence on them.

Phase 3: Residual Risk Assessment

We will assess the residual risk after evaluating the risk control measures.

Do you have any other questions regarding this policy or would you like me to elaborate on a specific section?