Anti-Money Laundering (AML) & Know Your Customer (KYC) Policy – appshartbandi.net 🔒

Last updated: 25 October 2025

This page sets out the official Anti-Money Laundering (AML) and Know Your Customer (KYC) framework for
appshartbandi.net. The policy protects users and partners, deters illicit finance, and aligns our
operations with internationally recognized standards. It is written to meet EEAT (Experience, Expertise,
Authoritativeness, Trustworthiness) and YMYL (Your Money or Your Life) expectations by providing clear definitions,
robust controls, and verifiable procedures. ✅


📌 Scope, Purpose, and Applicability

This policy applies to all products, pages, communications, and any payment-related processes of
appshartbandi.net, including (where applicable):

  • Account or profile creation,
  • Payments for educational content or services,
  • Refunds and payouts related to our own services (not gambling),
  • Commercial partnerships, sponsorships, and consulting engagements,
  • Dispute handling and complaints related to such payments.

It applies to all personnel, contractors, payment partners, and service providers who support our services.
appshartbandi.net does not operate as a gambling or betting platform. This AML/KYC framework governs
our own financial interactions and sets the standard for our stance and content in relation to AML/CFT topics.


🧭 Regulatory Alignment & Best-Practice References

Our AML/KYC framework is informed by the following standards and references:

  • FATF Recommendations (risk-based AML/CFT approach, CDD/EDD, ongoing monitoring, reporting, record retention).
  • Directive (EU) 2015/849 and Directive (EU) 2018/843 (AMLD4/AMLD5) regarding AML/CFT obligations.
  • Regulation (EU) 2015/847 on information accompanying transfers of funds.
  • Applicable national laws, sanctions regimes, and supervisory guidance relevant to users’ locations and our payment partners.
  • Data protection principles consistent with GDPR for privacy, security, and data minimization.

🧾 Definitions

Money Laundering (ML): Converting, transferring, concealing, or disguising the origin of property known to be derived from criminal activity, or assisting persons involved in such activity to evade legal consequences.

Customer Due Diligence (CDD/KYC): Identifying and verifying customers or counterparties, understanding the purpose of the relationship, and applying ongoing monitoring proportionate to risk.

Enhanced Due Diligence (EDD): Additional checks for high-risk customers, jurisdictions, products, or behaviors, including more detailed information and more frequent monitoring.

Source of Funds (SoF) / Source of Wealth (SoW): Evidence that explains the origin and legitimacy of funds involved in a transaction and the customer’s overall wealth.

Suspicious Transaction/Activity Report (STR/SAR): A formal report submitted to a Financial Intelligence Unit (FIU) or competent authority when ML/TF is suspected.


🏛️ Governance & Accountability

  • Senior Management
    • Sets the tone-from-the-top on compliance.
    • Approves this policy and subsequent material changes.
    • Allocates resources to implement AML/KYC controls effectively.
    • Oversees overall effectiveness and remediation activities.
  • AML Compliance Officer (AMLCO)
    • Designs and maintains AML/KYC controls and procedures.
    • Supervises monitoring, investigations, and case handling.
    • Evaluates alerts, escalates cases, and recommends actions.
    • Liaises with regulators, FIUs, and relevant authorities where required.
  • First Line (Operations & Support)
    • Implements CDD/EDD requirements in day-to-day operations.
    • Enforces payment rules and risk thresholds.
    • Identifies and flags unusual or suspicious behaviour.
  • Internal Audit / Independent Review
    • Performs periodic, independent reviews of the AML/KYC framework.
    • Tests control effectiveness, data quality, and process integrity.
    • Provides findings and recommendations for continuous improvement.

🛠️ Policy Maintenance & Change Control

Material updates to this AML/KYC Policy undergo:

  • A documented risk impact assessment,
  • Review and approval by Senior Management and the AMLCO.

Previous versions are archived to ensure full auditability and traceability of changes over time.


🧩 Risk-Based Approach (RBA) & Enterprise-Wide Risk Assessment (EWRA)

appshartbandi.net applies a risk-based approach to AML/KYC. We conduct an
Enterprise-Wide Risk Assessment (EWRA) at least annually, or earlier when major business, regulatory,
or environmental changes occur.

The EWRA assesses inherent risks across:

  • Our services (educational content, advisory, limited payment interactions),
  • Delivery channels (online, remote communications, cross-border reach),
  • User types (individual users, partners, sponsors, vendors),
  • Geographic risk and sanctions exposure,
  • Transactional patterns and values (where payments occur),
  • Emerging ML/TF typologies relevant to digital platforms and content businesses.

The EWRA informs:

  • Risk thresholds and rule-based controls,
  • EDD triggers and risk flags,
  • Monitoring frequency and depth,
  • Escalation and reporting requirements.

🪪 Tiered Customer Verification (KYC)

When appshartbandi.net directly engages in financial transactions (e.g. paid services, sponsorships or refunds),
account or counterparty verification follows a tiered KYC structure. Certain actions may be delayed or restricted
until the required tier is completed.

Tier 1 – Basic Profile (required before any payout)

Minimum data collected:

  • Full name,
  • Date of birth,
  • Gender (where legally permitted and necessary),
  • Nationality,
  • Country of usual residence,
  • Full residential address.

Controls:

  • Automated database checks and sanctions screening, where available and lawful.
  • If checks are unavailable, fail, or show inconsistencies, proof of address may be required.

Tier 2 – Advanced ID Verification

Triggered when cumulative payments, payouts, or obligations reach 2,000 (USD/EUR or equivalent).

Requirements:

  • Valid government-issued ID (e.g. passport, national ID, driver’s licence).
  • ID photographed next to a random 6-digit code written by the user.
  • Live selfie or equivalent verification for face match (where technically supported).
  • Where e-verification fails: a recent proof of address (utility bill, bank statement, or official letter issued
    within the last 3 months) showing full name and address. All four corners must be visible and text legible.

Tier 3 – Source of Funds / Source of Wealth (SoF/SoW)

Triggered when cumulative payments or payouts reach 5,000, or when peer-to-peer or third-party-related
flows (where applicable) reach 3,000 (USD/EUR or equivalent).

Acceptable SoF/SoW documents include, but are not limited to:

  • Employment payslips, HR letters, or tax statements.
  • Audited business accounts, invoices, and corporate registry extracts.
  • Investment statements, brokerage reports, proof of asset sale/liquidation.
  • Inheritance or gift documentation (probate documents, notarized deeds, bank confirmations).

🌍 Geographic Risk Categorization

We categorise geographical risk to determine the depth of CDD/EDD and the thresholds applied:

  • Low Risk:
    Tiers and thresholds as described above (Tier 2 at 2,000; Tier 3 at 5,000).
  • Medium Risk:
    Lower thresholds such as:
    • Tier 2 from 1,000,
    • Tier 3 from 2,500.

    Crypto-to-fiat related flows may be treated as medium risk even if the country is otherwise considered lower risk.

  • High Risk:
    Service may be restricted or prohibited entirely. Country lists are periodically reviewed against
    sanctions lists, FATF public statements, and regulatory advisories.

💳 Payment Method Controls

In any financial interaction involving appshartbandi.net:

  • The same method used for deposit (where relevant) should be used for withdrawal at least up to the deposited amount.
  • Third-party cards or accounts are prohibited; the account name must match the verified user or contracting entity.
  • Structuring deposits or withdrawals to evade thresholds is treated as a red flag and may trigger EDD or lead to account restrictions or closure.

🔎 Ongoing Monitoring & Three Lines of Control

We maintain a layered control framework:

  • First Line: We work with reputable PSPs and financial institutions that operate effective AML/KYC controls
    at onboarding and at transaction time.
  • Second Line: Rules-based and technology-assisted monitoring overseen by the AMLCO. Red flags include:
    • Rapid or circular payment/refund cycles,
    • Behavior inconsistent with stated purpose of relationship,
    • Unexplained currency switching or routing through high-risk jurisdictions,
    • Signals of account takeover or identity misuse.
  • Third Line: Manual case reviews of suspicious or high-risk users, and STR/SAR filings with the relevant FIU
    where required by law.

📈 Control Thresholds at a Glance

Control Layer | Trigger | Required Actions
CDD Tier 1 | Account creation / before first payout or material transaction | Profile data + automated checks; proof of address if needed
CDD Tier 2 | Cumulative payments or payouts ≥ 2,000 | Government ID + handwritten 6-digit code + selfie; PoA if e-checks fail
EDD Tier 3 | Payments/payouts ≥ 5,000 or P2P/third-party flows ≥ 3,000 | SoF/SoW evidence; enhanced screening and manual review
Monitoring | All customers and counterparties | Rules + ML models; sanctions checks; case management & STR/SAR where applicable

🧩 Acceptable SoF/SoW Examples

  • Employment income (recent payslips, HR letters, tax statements).
  • Business ownership and self-employment (audited accounts, invoices, contracts, corporate filings).
  • Investments (brokerage statements, dividends, proof of sale of shares or assets).
  • Inheritance or gifts (probate records, notarized deeds, official bank confirmations).

🚨 Detection, Escalation, and STR/SAR

  • Staff must promptly escalate atypical or suspicious activity to the AML team via secure channels.
  • The AML team evaluates alerts, documents rationale, and determines whether an STR/SAR must be filed with the relevant FIU.
  • “Tipping-off” is strictly prohibited: customers or partners are not informed about STR/SAR submissions where law forbids such disclosure.

🧰 Procedures & Playbooks

Operational playbooks translate this policy into step-by-step procedures, including:

  • Minimum CDD standards for different counterparties,
  • Sanctions and watchlist screening routines,
  • EDD triggers and escalation matrices,
  • Account or relationship restrictions and offboarding criteria,
  • Communication templates for information requests and decisions.

For any payouts (where applicable), transactional activity may be reviewed to ensure it is consistent with the stated
purpose of the relationship and does not indicate circular or suspicious flows.


🧾 Record-Keeping

  • KYC records are retained for at least 10 years after the business relationship ends, or longer where required by law.
  • Transaction records are retained for at least 10 years after execution or termination, whichever is later.
  • Records are stored securely with encryption at rest and in transit, using both online and offline safeguards.

🧑‍🏫 Training & Awareness

  • Mandatory AML induction training is provided for new hires in relevant roles.
  • Periodic refresher training is delivered for finance, risk, operations, and support staff.
  • Case-based learning covers typologies such as smurfing, mule accounts, synthetic identities, and crypto on/off-ramp risks.
  • Training effectiveness is monitored via KPIs, quality assurance reviews, and internal audit findings.

🧪 Internal Audit & Continuous Improvement

  • Internal Audit (or an independent reviewer) conducts regular reviews of AML/KYC controls and data quality.
  • Key metrics such as false-positive ratios, case turnaround times, and post-investigation actions inform improvement plans.
  • Lessons learned from incidents, regulatory feedback, and typology updates are fed back into the EWRA and control design.

🧱 Data Protection & Privacy 🔐

  • We collect only the minimum data necessary for lawful AML/KYC purposes and service provision.
  • Data is not sold to third parties.
  • Information may be shared solely where required by law or for the prevention/detection of financial crime, and always under appropriate safeguards.
  • We respect data subject rights under applicable privacy laws, including access, rectification, restriction, and objection, subject to AML record-keeping obligations.

🚫 Zero-Tolerance for Violations

  • Accounts or relationships linked to forged documents, stolen payment instruments, account-takeover, or unjustified fund flows may be restricted or terminated.
  • Confirmed ML/TF or fraud activity is reported to competent authorities without prior notice, as permitted or required by law.
  • Refusal to cooperate with reasonable AML/KYC checks may result in denial of service, blocking of payouts, or termination of the relationship.

📫 Contact

If you have questions about this AML/KYC Policy, wish to exercise privacy rights, or need to report suspicious
activity related to our platform, please contact us via the “Contact Us” page on appshartbandi.net or email:


⚠️ Compliance Notice

Use of appshartbandi.net constitutes acceptance of this AML/KYC Policy. Failure to provide requested
documentation or to pass verification checks may result in:

  • Delayed or rejected payments or refunds,
  • Restricted access to certain services,
  • Account or relationship limitations or closure where necessary.

We reserve the right to update this document to reflect evolving regulations, supervisory expectations, best practices,
and our own risk assessment.