Anti-Money Laundering Policy

1. Introduction

Aureus Payment Solutions Ltd, operating as TurraTech, is committed to the highest standards of Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) compliance. As a payment institution authorised by the Financial Conduct Authority (FRN: 976592), we are subject to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and related legislation.

This policy outlines our approach to preventing money laundering, terrorist financing, and other financial crimes through our platform.

2. Scope

This policy applies to:

• All employees, contractors, and agents of TurraTech
• All merchants and customers using our services
• All transactions processed through our platform
• All business relationships and partnerships

3. Risk-Based Approach

We apply a risk-based approach to AML compliance, allocating resources proportionate to the risks identified. This includes:

• Conducting business-wide risk assessments annually
• Assessing individual customer risk at onboarding and throughout the relationship
• Enhanced due diligence for higher-risk customers and transactions
• Simplified due diligence where lower risk is identified

4. Customer Due Diligence

4.1 Standard Due Diligence

For all customers, we verify:

• Identity of the business and beneficial owners (25%+ ownership)
• Nature and purpose of the business relationship
• Source of funds where appropriate
• Business registration and regulatory status

4.2 Enhanced Due Diligence

Enhanced measures apply for:

• Politically Exposed Persons (PEPs) and their associates
• Customers in high-risk jurisdictions
• Complex or unusual business structures
• High-value or unusual transactions
• Customers in higher-risk industries

5. Ongoing Monitoring

We conduct ongoing monitoring of business relationships including:

• Transaction monitoring to detect unusual patterns
• Periodic review of customer information and risk ratings
• Screening against sanctions lists and PEP databases
• Monitoring for adverse media and reputational risks

6. Suspicious Activity Reporting

6.1 Reporting Obligations

We are legally obligated to report suspicious activity to the National Crime Agency (NCA) through Suspicious Activity Reports (SARs). All employees are trained to recognise red flags and report concerns to our compliance team.

6.2 Red Flags

Indicators that may trigger enhanced review include:

• Unusual transaction patterns inconsistent with the customer's profile
• Large cash transactions or structuring to avoid reporting thresholds
• Transactions involving high-risk jurisdictions
• Reluctance to provide required documentation
• Adverse media or reputational concerns
• Requests to expedite onboarding without proper verification

6.3 Tipping Off

We do not inform customers of any reports made to authorities. "Tipping off" is a criminal offence under the Proceeds of Crime Act 2002.

7. Sanctions Screening

7.1 Screening Process

We screen all merchants and beneficial owners against relevant sanctions lists, including:

• UK HM Treasury consolidated list
• EU consolidated financial sanctions list
• US OFAC Specially Designated Nationals (SDN) list
• UN Security Council consolidated list

7.2 Ongoing Screening

Screening is performed at onboarding and on an ongoing basis. Any potential matches are reviewed by our compliance team and escalated as necessary.

7.3 Prohibited Jurisdictions

We do not provide services to individuals or entities located in, or conducting business with, comprehensively sanctioned jurisdictions including North Korea, Iran, Syria, Cuba, and the Crimea, Donetsk, and Luhansk regions.

8. Politically Exposed Persons (PEPs)

8.1 PEP Identification

We identify whether beneficial owners or senior management are Politically Exposed Persons, their family members, or known close associates through screening against PEP databases.

8.2 Enhanced Due Diligence for PEPs

Where PEPs are identified, we apply enhanced due diligence including:

• Senior management approval for establishing the relationship
• Establishing the source of wealth and source of funds
• Enhanced ongoing monitoring of the relationship
• More frequent periodic reviews

9. Record Keeping

9.1 Retention Requirements

We maintain records for at least 5 years after the end of the business relationship, including:

• Customer identification and verification documents
• Transaction records and account files
• Risk assessments and due diligence records
• Internal and external suspicious activity reports
• Staff training records
• Compliance monitoring and audit reports

9.2 Data Protection

Records are maintained in compliance with data protection requirements and the UK GDPR, and are accessible for regulatory inspection upon request.

10. Staff Training

10.1 Training Programme

All relevant staff receive AML/CTF training at induction and at least annually thereafter, covering:

• Legal and regulatory framework
• Our policies and procedures
• How to recognise suspicious activity and red flags
• Internal reporting procedures
• Consequences of non-compliance

10.2 Role-Specific Training

Staff in customer-facing roles, compliance, and senior management receive additional training appropriate to their responsibilities.

11. Governance and Oversight

11.1 Money Laundering Reporting Officer

Our AML programme is overseen by a nominated Money Laundering Reporting Officer (MLRO) who reports to senior management and the Board. The MLRO is responsible for:

• Ensuring compliance with all AML obligations
• Receiving and evaluating internal suspicious activity reports
• Making external reports to the NCA where appropriate
• Responding to requests from law enforcement
• Overseeing training and policy development

11.2 Board Oversight

The Board receives regular reports on AML compliance, including key risk indicators, SAR statistics, and the outcomes of compliance reviews.

12. Quality Assurance

Our compliance function conducts regular quality assurance reviews to ensure policies and procedures are being followed and remain effective. This includes:

• Sample testing of customer due diligence files
• Transaction monitoring effectiveness reviews
• Training effectiveness assessments
• Policy and procedure reviews

Findings are reported to senior management with recommendations for improvement.

13. Regulatory Cooperation

We cooperate fully with law enforcement agencies and regulators, including the Financial Conduct Authority (FCA) and National Crime Agency (NCA), in relation to any investigations or requests for information. We respond promptly to all regulatory inquiries.

14. Policy Review

This policy is reviewed at least annually and updated as necessary to reflect changes in:

• Legislation and regulations
• Regulatory guidance
• Our business activities and risk profile
• Industry best practices

Significant changes are approved by the Board and communicated to all relevant staff.

15. Contact

For questions about this policy or to report concerns, contact:

Money Laundering Reporting Officer
Aureus Payment Solutions Ltd
23 Bilston Street, Dudley
West Midlands, England, DY3 1JA

Email: hello@turratech.com
Phone: +44 1902 674255