International Finance Bank LTD

Anti-Money Laundering (AML) and Know Your Customer (KYC) Policy 

Approved by: Managing Directors Board 

1. Purpose and Scope 

This policy establishes the Anti-Money Laundering (AML) and Know Your Customer (KYC) compliance framework of IFBH GmbH. It ensures adherence to national and international regulations, including but not limited to:

  •  EU AML Directives (5AMLD, 6AMLD)
  •  The German Geldwäschegesetz (GwG)
  •  Financial Action Task Force (FATF) Recommendations
  •  Relevant Swiss, Liechtenstein, and international standards


The policy applies to all employees, officers, consultants, intermediaries, and service providers acting on behalf of IFBH GmbH.

2. Objectives 

 The objectives of this policy are to:

  •  Prevent the misuse of the Company’s infrastructure for financial crime.
  •  Identify and verify clients’ identities through a risk-sensitive approach.
  •  Monitor, investigate, and report suspicious activity.
  •  Establish a defensible audit trail for regulators and counterparties.
  •  Uphold a zero-tolerance culture toward money laundering and terrorism financing.


3. Customer Due Diligence (CDD) 

IFB shall categorise clients into three main types: natural persons, legal entities, and intermediaries (e.g., fiduciaries, agents, nominee directors). The following CDD obligations apply:

  • Basic CDD: identity documents, purpose of the relationship. 
  • Enhanced CDD: applicable to high-risk clients, requires source of funds (SoF), source of wealth (SoW), and enhanced monitoring. 
  • Ongoing CDD: real-time and periodic reviews based on risk rating. 


4. Know Your Customer (KYC) Program 

 The KYC Program shall include:

  • Collection and validation of identity documents (e.g., passport, utility bills)
  • Verification of ownership and control (e.g., UBO declarations, share registries)
  • Use of external verification services (IDNow, World-Check, Refinitiv)
  • Screening against international sanctions and PEP databases
  • Video onboarding through a compliance Zoom videoconference and wallet attribution in the case of crypto exposure


5. Risk-Based Approach (RBA) 

Clients shall be assessed on a risk-weighted basis. Risk scoring will consider:

  • Jurisdiction of incorporation/residence
  • Nature of business activity
  • Volume and frequency of transactions
  • Public exposure (PEP status)
  • Involvement of cryptoassets or offshore structures


6. Enhanced Due Diligence (EDD) 

 EDD will be applied to:

  • Politically Exposed Persons (PEPs)
  • High-risk geographies (as per FATF/EU lists)
  • Complex ownership structures (e.g., foundations, trusts)
  • Crypto-heavy entities or non-custodial wallet users

 
EDD measures include in-depth SoF/SoW verification, compliance interviews, board-level approval, and periodic external audits.

7. Monitoring and Reporting 

The company shall:

  • Monitor transaction flows for inconsistency or deviation from expected behaviour.
  • Flag anomalies such as structuring, layering, or transactions involving high-risk addresses.
  • File suspicious activity reports (SARs) to the German FIU within 24 hours of confirmation.
  • Retain a record of all escalations, investigations, and reports.


8. Recordkeeping 

 IFB will maintain records for a minimum of 5 years. These include:

  • KYC files and supporting documentation
  • Transaction logs and compliance notes
  •  Internal approvals and communications
  •  External audit reports and correspondence


9. Training and Awareness 

 All staff shall undergo:

  • Initial AML/KYC training upon hiring
  • Annual refresher courses covering updates in regulation, typologies, and enforcement
  • Ad-hoc training following regulatory changes or internal incidents


10. Governance and Oversight 

 The Managing Director has appointed:

  • A Money Laundering Reporting Officer (MLRO)
  • A Compliance Officer

 
These individuals shall be responsible for day-to-day implementation, audits, staff training, and regulatory engagement.

Annex A: Client Risk Scoring Matrix 


IFB employs a multi-factor scoring system to evaluate the risk level of each client. Scores determine the intensity of due diligence and monitoring.

Annex B: Suspicious Activity Report (SAR) Template 


This template shall be used internally to record and report suspicious transactions or behaviours.

  • Reporting Officer: _________________________  
  • Date of Report: ___________________________  
  • Client ID / Name: __________________________
  • Nature of Suspicion (tick one or more):  

   □ Structuring / Smurfing  
   □ Unusual transaction pattern  
   □ Inconsistent source of funds  
   □ Use of privacy coins or mixers  
   □ Involvement of high-risk country  
   □ Refusal to provide KYC/EDD  

  • Description of Activity: ________________________

 
 • Risk Level: □ Low □ Medium □ High  
 • External Notification Required: □ Yes □ No  
 • If Yes, Report sent to: FIU  / Other: __________  
 • Date of Submission: ___________________________  
 • Supporting Documents Attached: □ Yes □ No  
 • Signature of MLRO: ____________________________  

Annex C: Crypto Wallet Attribution and Tracing 


To comply with FATF Recommendation 16 ("Travel Rule") and MONEYVAL peer review expectations, IFBH GmbH performs attribution, tracing, and analysis of all digital wallets used in significant client transactions.

Key Procedures: 

  1. Ownership Verification – Wallets must be linked to the client via signed message, screenshot, or KYC linkage. 
  2. Blockchain Analytics – Use of Chainalysis, TRM Labs, or equivalent to assess wallet risk scores, historical flows, and exposure to illicit services. 
  3. Travel Rule Data – For transfers exceeding EUR 1,000, IFB records sender and receiver details, wallet addresses, and transmission timestamps. 
  4. Cold Wallet Controls – Where applicable, IFB ensures that assets are transferred to whitelisted or white-labeled wallets only. 
  5. Ongoing Re-Attribution – Re-verification is triggered by changes in wallet activity, offboarding, or compliance alerts. 


All wallet-related data is stored for a minimum of 5 years in accordance with GDPR and AML recordkeeping obligations.

Know Your Payee (KYP) Policy 

Approved by: Managing Directors Board
 

1. Purpose and Applicability 

This Know Your Payee (KYP) Policy outlines the procedures implemented by IFBH GmbH to ensure that all outgoing payments, disbursements, and transfers are made to legitimate, verified, and compliant beneficiaries. The policy aims to mitigate risks associated with sanctions evasion, fraud, terrorist financing, and other illicit activity.
 
 This policy applies to all payments made by IFBH GmbH, including but not limited to:

  • Vendor and contractor disbursements
  • Client refunds and commissions
  • Crypto-to-fiat or fiat-to-crypto settlements
  • Third-party fund instructions on behalf of clients


2. Key Objectives 

  • Prevent disbursements to blacklisted or sanctioned entities
  • Ensure payee identity is validated prior to fund release
  • Verify the legitimacy of the payee's business and banking details
  • Maintain a defensible audit trail of payment verification
  • Flag high-risk beneficiaries for enhanced due diligence (EDD)


3. KYP Due Diligence Process 

The following elements must be verified before executing a payment to a third party: 

  • Identity of Payee: Full name or legal entity name, verified via documentation. 
  • Banking or Wallet Details: Bank name, SWIFT/BIC code, IBAN or crypto wallet address, verified with supporting documents. 
  • Sanctions Screening: Payee checked against EU, UN, OFAC, and other applicable lists. 
  • Business Justification: Payment purpose confirmed with invoice, contract, or payment instruction signed by authorised personnel. 

4. High-Risk Indicators 

 Payments to the following categories are subject to enhanced scrutiny:

  • Beneficiaries located in blacklisted or high-risk jurisdictions
  • Use of private or unregulated wallets for crypto settlements
  • Shell companies or entities without operational websites or references
  • Requests to change payee shortly before payment
  • Use of intermediaries or third-party payment accounts without clear justification


5. Payee Verification Methods 

Depending on the risk classification, IFB shall use one or more of the following verification methods:

  • Bank confirmation letters or account ownership certificates
  • Wallet verification via signed message or blockchain attribution
  • Video call confirmation (for individuals or new entities)
  • Reverse lookup via World-Check, Refinitiv, and sanctioned entity databases


6. Recordkeeping and Audit 

All KYP checks must be documented and stored with the relevant payment file. IFB maintains these records for a minimum of 5 years. Internal audits will verify the integrity and completeness of KYP checks semi-annually.

7. Roles and Responsibilities 

  • The Finance Department is responsible for executing KYP checks before releasing payments.
  • The Compliance Officer supervises adherence to the KYP framework and investigates any anomalies.
  • The MLRO must be consulted for any high-risk or suspicious payees.