Stellar

Anti-Money Laundering (AML) Program

Compliance and Supervisory Procedures UPDATED AS OF DECEMBER 15, 2024

INTRODUCTION

The purpose of this document is to establish the Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) Program for Remidirect Inc., a U.S.-based international remittance company. This program is designed to detect, deter, and report potential money laundering, terrorist financing, and other financial crimes in accordance with applicable U.S. laws, regulations, and international standards.

Remidirect Inc. recognizes that financial services firms, particularly those operating in the international remittance sector, are vulnerable to being exploited for illicit purposes. To mitigate these risks, the company has developed this AML policy, incorporating advanced monitoring tools, stringent customer verification procedures, and staff training. This document serves as the company’s commitment to upholding financial integrity and adhering to U.S. federal and state regulations, as well as international best practices.

APPLICABLE LAWS AND REGULATIONS

This AML Program is structured to ensure compliance with the following regulatory frameworks:

  • Bank Secrecy Act (BSA) – 31 U.S.C. § 5311 et seq.
  • USA PATRIOT Act of 2001 – Sections 314(a) & 314(b)
  • Anti-Money Laundering Act of 2020 (AMLA 2020)
  • Customer Due Diligence (CDD) Rule – 31 C.F.R. § 1010.230
  • Office of Foreign Assets Control (OFAC) Regulations – 31 C.F.R. Part 500
  • FinCEN Guidelines and Advisories
  • Money Transmitter License (MTL) Requirements – per applicable U.S. states
  • Financial Action Task Force (FATF) Recommendations (updated 2024)
  • FINRA Rule 3310 (AML Compliance Program)
  • Gramm-Leach-Bliley Act (GLBA) – Privacy and security provisions

Scope of Application:
The provisions of this document apply to all officers, directors, employees, contractors, agents, and third-party service providers of Remidirect Inc. engaged in customer onboarding, transaction processing, or compliance-related activities.

SECTION 1: COMPANY OVERVIEW

Legal Name: Remidirect Inc. Registered Address: 1301 W 22nd St, Suite 801, Oak Brook, Illinois 60523 Primary Business: International Remittance Services Corporate Structure: Independent U.S. entity with no parent or subsidiary relationship to Remitap Fintech Corporation.

Board of Directors:

  • Anil Sharma –CEO
  • Ravi Singh Raawat – Director of Operations
  • Manen Kothari – Director
  • Michael Gruener – Independent Director

AML Compliance Officer: Tanmay (See Section 3 for more details)

Primary Financial Partners:

  • Plaid: Identity verification and transaction monitoring.
  • Sila: Payment infrastructure and KYC/KYB services.

Business Model: Remidirect Inc. facilitates cross-border remittance services from the United States to various international destinations. Customers are primarily U.S.-based residents sending funds to relatives, vendors, or businesses overseas.

SECTION 2: FIRM POLICY

It is the firm policy of Remidirect Inc. to proactively prevent its services from being used for illicit financial activities, including money laundering, terrorist financing, fraud, and other financial crimes. This commitment aligns with the company’s core values of integrity, transparency, and customer trust. Core Policy Objectives

  • Prevention: Implement processes to prevent potential misuse of financial services.
  • Detection: Monitor customer activity to detect unusual or suspicious transactions.
  • Reporting: Report suspicious activity to law enforcement agencies through SARs and CTRs.
  • Compliance: Ensure full adherence to AML/CFT regulations and industry standards.

Understanding Money Laundering

Money laundering is the process of disguising the origins of illicit funds to make them appear legitimate. The process typically involves three stages:

  • Placement: Illicit funds are introduced into the financial system (e.g., depositing cash into an account or purchasing monetary instruments).
  • Layering: Funds are moved through complex transactions to obfuscate their origin (e.g., transferring funds between multiple accounts across jurisdictions).
  • Integration: The funds are integrated into the legitimate economy, often through investments or high-value purchases.

Example Scenario in Remittance Services: A customer deposits multiple cash payments below the reporting threshold into various accounts and then sends the combined amount overseas via remittance transfers. This activity may be indicative of structuring, a form of money laundering.

Understanding Terrorist Financing

Terrorist financing involves providing funds for terrorist activities, whether derived from legal or illegal sources. Unlike money laundering, the primary objective is not to disguise the source of funds but to conceal their intended use.

  • Use of funds inconsistent with the customer’s stated purpose.
  • Transactions involving high-risk jurisdictions associated with terrorist activities.
  • Donations or payments to entities with limited transparency or operational legitimacy.

Policy Directive:
All suspicious activity indicative of potential terrorist financing must be reported to FinCEN via a SAR and escalated immediately to law enforcement if imminent threats are suspected.

SECTION 3: AML COMPLIANCE OFFICER (AMLCO)

Designation and Responsibilities Remidirect Inc. has appointed Tanmay as its Anti-Money Laundering Compliance Officer (AMLCO). The AMLCO has full authority and independence to implement, monitor, and enforce the company’s AML/CFT program.

Contact Information:

  • Name: Tanmay
  • Position: AML Compliance Officer
  • Email: Fraud@RemiDirect.com
  • Phone: 312 282 3155

AMLCO Responsibilities

  • Policy Implementation: Develop, document, and maintain the AML Program in accordance with regulatory requirements.
  • Monitoring and Detection: Supervise customer activity using automated monitoring tools provided by Plaid and Sila. Investigate alerts generated by the system and determine the appropriate response.
  • Reporting and Communication: Ensure timely filing of SARs, CTRs, and other required regulatory reports. Serve as the primary liaison with FinCEN, OFAC, and state regulators.
  • Training and Education: Conduct regular AML training sessions for staff, ensuring all employees are aware of their roles and responsibilities regarding financial crime prevention.
  • Independent Audits: Coordinate internal and external audits of the AML Program and implement corrective actions as necessary.
  • Technology Integration: Collaborate with IT teams to integrate new technologies, such as AI-driven transaction monitoring and facial recognition for video KYC.M
  • Regulatory Updates: Stay informed about changes to relevant laws and regulations and update policies and procedures accordingly.

    • Annual Reporting

    The AMLCO will present an annual AML report to the Board of Directors, summarizing:

    • Suspicious activity trends.
    • Emerging risks.
    • System enhancements.
    • Training outcomes.
    • Recommendations for improvements.

    SECTION 4: RISK-BASED APPROACH (RBA)

    Remidirect Inc. adopts a Risk-Based Approach (RBA) to manage AML/CFT risks. This methodology ensures that resources are allocated proportionally to the perceived level of risk associated with customers, transactions, products, and jurisdictions.

    Risk Categories

    Customer Risk:

    • Based on demographics, background, and behavioural patterns.
    • Transaction Risk: Associated with transaction size, frequency, and destination.
    • Geographic Risk: Higher risk for customers or counterparties located in FATF-identified jurisdictions.

    Risk Assessment Process

    • Customer Onboarding: Each new customer is assigned a risk profile based on KYC data and initial transaction patterns.
    • Ongoing Monitoring: Transaction activity is continuously monitored using Plaid’s rule-based algorithms to detect anomalies.
    • Periodic Reviews: Customer profiles are reviewed periodically, with high-risk customers subject to more frequent reviews.

      • High-Risk Indicators

      • Transactions inconsistent with stated business or personal activity.
      • Connections to politically exposed persons (PEPs).
      • Repeated attempts to circumvent reporting thresholds.
      • Transfers to or from high-risk jurisdictions.

      Risk Mitigation Measures:

      • Enhanced due diligence for high-risk customers.
      • Restriction of certain transaction types.
      • Immediate SAR filing if illicit activity is suspected.

      SECTION 5: CUSTOMER IDENTIFICATION PROGRAM (CIP)

      The Customer Identification Program (CIP) ensures that Remidirect Inc. verifies the identity of each customer prior to conducting financial transactions, thereby reducing the risk of identity fraud and financial crime. Legal Reference: 31 C.F.R. §1023.220

      5.1 Information Collection Requirements

      The following information must be collected for all individual customers:

      • Full Legal Name
      • Date of Birth
      • Residential Address (no P.O. boxes)
      • Social Security Number (SSN) or Tax Identification Number (TIN)
      • Government-Issued Photo ID (e.g., Driver’s License, Passport, or State ID)

      For Non-U.S. Persons:

      • Passport Number with Country of Issuance
      • Alien Identification Number or Equivalent

      5.2 Identity Verification Procedures

      Remidirect Inc. employs both documentary and non-documentary methods for customer verification.

      Documentary Verification

      • Review physical or electronic copies of IDs and other official documents.
      • Ensure that documents are current, clear, and authentic.
      • Cross-reference names and birthdates against public databases.

      Non-Documentary Verification

      • Plaid Identity API: For real-time verification of bank account ownership.
      • Sila KYC Integration: To confirm personal information via secure third-party databases.
      • Internal AI-based System: Facial recognition via the app’s video KYC feature.

      5.3 KYC Submission Process in Remidirect App

      • User Action: Access the app’s side menu and select “Complete KYC”.
      • Document Upload: Upload an approved form of identification (e.g., passport or driver’s license).
      • Address Verification: Enter residential address details.
      • Video KYC: Record a short video reading a provided statement to confirm identity.
      • Submission: Submit for verification.
      • Internal Review: The compliance team reviews and verifies the information.
      • KYC Approval: Approved users receive a notification; rejected users are asked to provide additional documentation.

      5.4 Addressing Discrepancies

      If the verification process reveals inconsistencies or suspicious information, the following steps will be taken:

      • Request additional documentation.
      • Conduct manual investigations.
      • If suspicions persist, file a SAR.

      SECTION 6: CUSTOMER DUE DILIGENCE (CDD) & ENHANCED DUE DILIGENCE (EDD)


      6.1 Standard Customer Due Diligence (CDD)

      The objective of CDD is to understand the customer’s profile and expected transaction patterns.

      Procedures:

      • Collect identifying information as part of the CIP.
      • Evaluate the customer’s transaction purpose and expected volume.
      • Assign a risk classification (low, medium, or high).

      6.2 Enhanced Due Diligence (EDD)

      EDD applies when customers pose elevated risks due to their profile, transaction behaviour, or affiliations.

      EDD Triggers:

      • Politically Exposed Persons (PEPs)
      • High-value transactions ($50,000+ without reasonable explanation)
      • Connections to high-risk jurisdictions

      EDD Steps:

      • Obtain additional identification and transaction details.
      • Verify the source of funds and purpose of the transfer.
      • Increase transaction monitoring frequency.
      • Require senior management approval for high-risk accounts.

      6.3 Ongoing Due Diligence

      CDD and EDD are not one-time processes. Customer behaviour is continuously monitored to identify deviations from their expected transaction patterns.

      Monitoring Frequency:

      • Low-Risk Customers: Annual review.
      • Medium-Risk Customers: Semi-annual review.
      • High-Risk Customers: Quarterly review.

      SECTION 7: TRANSACTION MONITORING AND REPORTING

      Remidirect Inc. maintains a comprehensive transaction monitoring program designed to detect, investigate, and report suspicious activities. The monitoring system employs advanced algorithms and pattern recognition techniques powered by Plaid and Sila to flag unusual transactions indicative of potential money laundering, fraud, or terrorist financing.

      7.1 Transaction Monitoring Framework

      The transaction monitoring system employs a multi-layered approach:
      1. Threshold-Based Alerts:
      • Transactions exceeding $5,000 are automatically flagged for review.
      • Transfers involving countries listed on the FATF High-Risk Jurisdictions list are subject to additional scrutiny.
      2. Behavioural Analysis:
      • Customer transactions are continuously compared against historical patterns.
      • Deviations such as increased frequency,volume,ordestination changes are flagged.
      3. Pattern Recognition:
      • Algorithms identify known laundering techniques like structuring, layering, and smurfing
      • Machine learning models analyse past SARs to improve detection accuracy.
      4. Risk Profiling:
      • Customers are assigned risk scores based on transaction behaviour and external risk factors.
      • High-risk customers undergo more frequent and in-depth reviews.

      7.2 Indicators of Suspicious Transactions

      The following activities may indicate suspicious activity and warrant further investigation:

      • Large transfers with no apparent business or personal reason.
      • Rapid movement of funds between unrelated accounts.
      • Transactions involving jurisdictions known for weak AML enforcement.
      • Repeated transactions just below reporting thresholds (structuring).
      • Transfers involving newly added recipients in high-risk countries.

      7.3 Investigative Procedures

      Upon detecting suspicious activity:
      1. The transaction is immediately flagged for review by the compliance team.
      2. The AMLCO conducts a preliminary investigation using available records and external databases.
      3. If suspicions persist, a Suspicious Activity Report (SAR) is filed with FinCEN.
      All actions are documented, including findings, decisions, and communications with authorities.

      SECTION 8: SUSPICIOUS ACTIVITY REPORTING (SAR)

      Legal Basis: 31 C.F.R. § 1023.320

      8.1 When to File a SAR

      A SAR must be filed when the company knows, suspects, or has reason to suspect that a transaction involves:
      • Funds derived from illegal activities.
      • Efforts to evade AML or regulatory requirements (e.g., structuring).
      • Transactions lacking an apparent lawful purpose.
      • Activities indicative of potential terrorist financing.

      SAR Threshold: $5,000 (either as a single transaction or aggregated over multiple related transactions).

      8.2 SAR Filing Procedure

      • 1. Initial Detection: Upon detecting suspicious activity, the compliance team documents the incident and initiates a review.
      • 2. Investigation: Relevant documentation, communications, and transaction history are analysed.
      • 3. Decision: If suspicious activity cannot be reasonably explained, a SAR is prepared.
      • 4. Report Preparation: The SAR is completed using FinCEN’s BSA E-Filing System. It must include:
        • • Customer details and identifying information.
        • • Description of the suspicious activity with supporting evidence.
        • • Details about the involved accounts and associated parties.

      5. Submission:

      SARs must be filed within 30 calendar days of initial detection. If additional information is required, filing may be extended to 60 days, provided ongoing efforts are documented.
      FinCEN Reporting Platform: https://bsaefiling.fincen.treas.gov

      8.3 Confidentiality of SARs

      Federal law prohibits disclosing the existence of a SAR to the customer or any unauthorized party. Violations may result in severe penalties, including fines and imprisonment.

      8.4 Internal Reporting of SARs

      All SARs filed must be logged in a secure, access-controlled system. Access is limited to the AMLCO, senior compliance officers, and external auditors (when required).

      SECTION 9: CURRENCY TRANSACTION REPORTING (CTR)

      Legal Basis: 31 C.F.R. § 1010.310
      A Currency Transaction Report (CTR) must be filed for any cash transactions exceeding $10,000 conducted by, or on behalf of, the same person in one business day.

      CTR Filing Procedure

      1. Identification:
      Identify cash transactions meeting the $10,000 threshold.
      2. Verification:
      Confirm customer identity using CIP records.
      3. Filing:
      Submit the CTR electronically to FinCEN within 15 calendar days of the transaction date.
      4. Documentation:
      Maintain all supporting documentation for 5 years.

      Common CTR Red Flags

      • Multiple cash deposits just under the $10,000 threshold.
      • Unusually large cash transactions inconsistent with customer profile.
      • Cash payments used for international transfers to high-risk countries.

      CTR Filing Platform: https://bsaefiling.fincen.treas.gov

      SECTION 10: OFFICE OF FOREIGN ASSETS CONTROL (OFAC) COMPLIANCE

      Legal Basis: 31 C.F.R. Part 500
      OFAC regulations prohibit financial transactions with individuals, entities, or countries subject to U.S. economic sanctions.

      10.1 Screening Procedures

      Remidirect Inc. utilizes Plaid and Sila APIs to perform real-time screenings of all customers and transactions against the OFAC Specially Designated Nationals (SDN) list.

      Screening occurs at:

      • Account creation.
      • Transaction initiation (inbound and outbound).
      • Periodic customer reviews.

      10.2 Responding to OFAC Matches

      Upon a potential SDN match:

      • 1. Immediate Action:
        Freeze the related transaction and block access to the associated account.
      • 2. Verification:
        Cross-verify information to confirm the match.
      • 3. Reporting:
        Notify OFAC within 10 business days via the OFAC Reporting System.
      • 4. Follow-Up:
        File a SAR if the activity appears suspicious.
      OFAC Hotline: 1-800-540-6322
      SDN List Search Tool: https://sanctionssearch.ofac.treas.gov

      SECTION 11: INFORMATION SHARING UNDER USA PATRIOT ACT SECTION 314(b)

      Legal Basis: USA PATRIOT Act, Section 314(b)

      11.1 Purpose of 314(b) Sharing

      Remidirect Inc. may share information with other financial institutions regarding potential money laundering or terrorist financing activities under the 314(b) safe harbour provision.

      11.2 Sharing Procedures

      1. Notification:
      File an initial notice with FinCEN prior to sharing information.
      2. Verification:
      Verify that the requesting institution has also filed a 314(b) notice.
      3. Recordkeeping:
      Document the information shared, including the purpose and recipient.
      4. Confidentiality:
      Information shared under this provision is strictly confidential and may only be used for AML purposes.
      FinCEN Contact: https://www.fincen.gov/314b

      SECTION 12: AML TRAINING PROGRAM

      12.1 Training Objectives

      The AML Training Program aims to equip employees with the knowledge and skills necessary to identify, prevent, and report suspicious activity.

      Training Focus Areas:

      • Overview of money laundering and terrorist financing.
      • AML regulations and reporting obligations.
      • Recognizing red flags and suspicious patterns.
      • Use of Plaid and Sila tools for transaction monitoring.
      • Procedures for filing SARs and CTRs.

      12.2 Training Structure

      Frequency:
      • Annual Training: All staff.
      • Biannual Training: High-risk departments (e.g., compliance, IT).

      Delivery Methods:
      • In-person workshops.
      • Online modules and webinars.
      • Case studies of real-world AML cases.
      Assessment:
      • All participants must complete an AML quiz with a minimum passing score of 80%.
      Recordkeeping:

      SECTION 13: INDEPENDENT TESTING AND AUDIT

      Legal Basis: FINRA Rule 3310(b)
      Independent testing ensures the ongoing effectiveness of the AML program.

      13.1 Testing Frequency

      • Annual: Full AML Program review.
      • Ad-Hoc: After significant operational changes or regulatory updates.

      13.2 Testing Scope

      • Policy Review: Verify compliance with regulatory requirements.
      • Transaction Analysis: Evaluate system effectiveness in detecting suspicious activity.
      • Employee Knowledge: Assess the effectiveness of training initiatives.
      • Third-Party Vendor Review: Ensure Plaid and Sila remain compliant with AML regulations.

      13.3 Auditor Independence

      The independent audit will be conducted by external professionals or internal staff not involved in daily AML operations.
      Lead Auditors: Anil Sharma & Abishek Sharma (Internal) External Auditor: TBD

      SECTION 14: RECORDKEEPING REQUIREMENTS

      Legal Basis: 31 C.F.R. § 1010.430
      Remidirect Inc. maintains accurate, complete, and secure records related to AML compliance.

      14.1 Records to Be Retained

      • SARs and supporting documentation: 5 years.
      • CTRs and supporting documentation: 5 years.
      • KYC information and verification records: 5 years post-account closure.
      • AML training records: 5 years.
      • Independent testing reports: 5 years.

      14.2 Storage and Access

      • Digital records are encrypted and stored on secure servers with multi-factor authentication.
      • Physical records are stored in a locked, access-controlled room.
      • Access is restricted to authorized personnel only.

      SECTION 15: CONFIDENTIAL REPORTING OF AML NON-COMPLIANCE

      15.1 Whistleblower Protocol

      Employees are encouraged to report any potential violations of this AML Program or related regulations.

      Reporting Channels:

      • Anonymous online portal.
      • Dedicated AML hotline.

      Whistleblower Protection:

      No employee will suffer retaliation for reporting concerns in good faith.

      SECTION 16: TECHNOLOGY AND AUTOMATION

      Remidirect Inc. leverages cutting-edge technologies for efficient AML operations.

      16.1 Primary Tools

      • Plaid: Real-time identity verification and transaction monitoring.
      • Sila: KYC/KYB processes and payment infrastructure.
      • Internal AI System: Behavior-based transaction pattern detection.

      16.2 System Integrity

      • Regular penetration tests and security audits.
      • Continuous updates to reflect regulatory changes and emerging threats.

      SECTION 17: SENIOR MANAGEMENT OVERSIGHT

      The Board of Directors will receive quarterly updates from the AMLCO and conduct an annual AML Program review.

      Review Focus:

      • Program effectiveness.
      • Regulatory compliance.
      • Operational improvements.

      Approval Authority: Board of Directors

      SECTION 18: CONTINUOUS IMPROVEMENT

      The AMLCO will continuously monitor regulatory developments and recommend updates to this program as needed.