C2Bank's

My Account

A.M.L Policy

 

 

1. Purpose and Scope

 

This Policy sets out the principles and procedures adopted by C2Banks / Novo Capital S.r.o (“C2Banks”, “we”, “our”, “us”) to prevent the use of its products, services, and infrastructure for money-laundering (“ML”), terrorist-financing (“TF”), or other financial crimes.

It applies to all C2Banks staff, contractors, subsidiaries, affiliates, and third-party service providers engaged in the provision of:

  • Multi-currency payment accounts and IBANs;

  • Virtual and physical payment cards;

  • Crypto-fiat and fiat-crypto swap services;

  • Digital-wallet management and on/off-ramp solutions;

  • Any other financial technology service operated under the C2Banks brand.

2. Legal Framework

This Policy is established under and consistent with:

  • Directive (EU) 2015/849 and subsequent amendments (AMLD V/VI);

  • Act No. 253/2008 Coll. on Measures against Money Laundering and Terrorist Financing (Czech AML Act);

  • Regulation (EU) 2015/847 on information accompanying transfers of funds;

  • FATF (“Financial Action Task Force”) Recommendations;

  • GDPR (EU) 2016/679 regarding data protection;

  • Other national and international sanctions regimes (EU, UN, OFAC).

3. Policy Statement

C2Banks maintains a zero-tolerance stance toward money laundering, terrorist financing, and any activity facilitating such crimes.
We are committed to:

  1. Complying with all applicable AML/CFT laws and regulations;

  2. Conducting business only with verified, legitimate customers;

  3. Identifying and reporting suspicious activities to competent authorities;

  4. Promoting a compliance culture among employees and partners.

4. Responsibilities

  • Board of Directors – approves AML strategy, allocates resources, and oversees implementation.

  • Compliance Officer (MLRO) – manages the AML program, monitors alerts, reviews transactions, and reports suspicious activity to the Financial Analytics Office (FAU ČR).

  • Staff Members – follow AML procedures, complete required training, and report any suspicious behavior.

  • Third-Party Partners – must maintain equivalent AML standards and contractual obligations with C2Banks.

5. Customer Due Diligence (CDD)

C2Banks performs risk-based CDD on all clients before establishing a business relationship and throughout its lifetime.

5.1 Identification and Verification

  • Individuals: legal name, date of birth, nationality, government ID/passport, address, selfie / biometric verification.

  • Legal entities: legal name, registration number, incorporation certificate, registered office, directors and UBOs (≥25 %), company structure, and ownership proof.

  • Politically Exposed Persons (PEPs): screened using reputable databases.

  • Sanctions Screening: all customers and related parties are screened against EU, UN, OFAC, UK HMT, and local lists.

5.2 Enhanced Due Diligence (EDD)

Applied when higher-risk factors exist, such as:

  • High-value or complex transactions;

  • Customers from high-risk jurisdictions;

  • Cross-border crypto or offshore structures;

  • PEPs or entities with opaque ownership.

EDD may include additional identity verification, proof of funds/wealth, source of income, or senior-management approval.

5.3 Ongoing Monitoring

  • Continuous transaction review using automated and manual monitoring.

  • Periodic KYC refresh (annually or risk-based).

  • Re-screening for sanctions, PEPs, and adverse media.

6. Risk-Based Approach

C2Banks classifies customers, products, and geographies into low, medium, and high-risk tiers.
Risk scoring considers:

  • Geographic risk;

  • Product/service risk;

  • Delivery channel risk;

  • Customer type and business activity;

  • Volume and complexity of transactions.

Controls are applied proportionally to the identified risk.

7. Prohibited Activities and Industries

C2Banks does not onboard or process transactions involving:

  • Shell banks or anonymous accounts;

  • Unlicensed money-service businesses;

  • Arms, weapons, or military equipment;

  • Human trafficking, pornography, or exploitative content;

  • Illegal gambling, drugs, or narcotics trade;

  • Pyramid schemes or fraudulent investment programs;

  • Transactions with sanctioned persons or jurisdictions.

8. Transaction Monitoring and Reporting

  • All customer activity is automatically screened and analyzed using internal and third-party monitoring tools.

  • Alerts are reviewed by the Compliance Officer for escalation.

  • Suspicious Transaction Reports (STRs) are filed promptly with the Financial Analytics Office (FAU ČR) in accordance with Czech law.

  • Immediate action (account freeze or termination) may occur when required by law or risk policy.

9. Record Keeping

All CDD documentation, transaction records, and reports are securely retained for at least 10 years after termination of the business relationship or completion of the transaction, whichever is later.
Records are encrypted, access-restricted, and retrievable for competent authorities upon lawful request.

10. Training and Awareness

All employees, agents, and relevant contractors receive mandatory AML/CFT training at onboarding and annually thereafter, covering:

  • Money-laundering typologies;

  • Red flag identification;

  • Customer risk assessment;

  • Reporting obligations;

  • Data-protection requirements.

Training completion is logged and reviewed by Compliance.

11. Sanctions Compliance

C2Banks complies with EU, UN, OFAC, UK, and Czech national sanctions regimes.
We screen all counterparties and transactions prior to execution and continuously thereafter.
Matches trigger enhanced review and potential reporting to authorities.

12. Data Protection

All AML data processing is carried out under GDPR Articles 6(1)(c) and 6(1)(f) — lawful obligation and legitimate interest.
Sensitive information is processed only as necessary for compliance and retained in accordance with Section 9.

13. Internal Controls and Audit

The AML program is supported by documented policies, internal controls, and independent audits to ensure effectiveness.
The Compliance Officer reports directly to senior management and submits annual AML compliance reports.

14. Cooperation with Authorities

C2Banks cooperates fully with:

  • Financial Analytics Office (FAU ČR);

  • Czech National Bank (CNB);

  • European Financial Intelligence Units (FIUs);

  • Law enforcement and tax authorities, upon lawful request.

15. Breach Management and Disciplinary Measures

Any employee or agent who violates AML obligations may face disciplinary action, up to termination or criminal referral.
All breaches are documented and escalated to senior management and, where required, to FAU ČR.

16. Review and Updates

This Policy is reviewed annually or whenever legislation, risk exposure, or business model changes require it.
Updates are approved by the Board of Directors and communicated to all staff and partners.

17. Contact Information

Compliance Department – C2Banks / Novo Capital S.r.o
📍 Cimburkova 916/8, Žižkov, 130 00 Prague 3, Czech Republic
📧 compliance@c2banks.com

© 2025 C2Banks / Novo Capital S.r.o – All rights reserved.