Anti-Money Laundering (AML) and Know Your Customer (KYC) Policy

1. Policy Statement

Ventures Lab Malta Limited (the "Company", "we", "our", or "us") is committed to maintaining effective measures to prevent its products and services from being exploited for money laundering, terrorist financing, fraud, or other forms of financial crime.

The Company is licensed by the Malta Gaming Authority ("MGA") to provide Business-to-Consumer gaming services and is classified as a subject person under the Prevention of Money Laundering Act and the Prevention of Money Laundering and Funding of Terrorism Regulations. Accordingly, the Company maintains a comprehensive AML and KYC framework based on a risk-based approach.

This Policy applies to all individuals who establish or seek to establish a business relationship with the Company.

2. Customer Identification and Verification

Before, during, or after the establishment of a business relationship, the Company may require customers to complete identity verification in order to satisfy its legal and regulatory obligations.

Verification measures may include confirming:

  • Full legal name;
  • Date of birth;
  • Residential address;
  • Nationality;
  • Identity document validity;
  • Ownership of payment methods used on the account; and
  • Any additional information reasonably required for compliance purposes.

Verification may be performed using electronic identification solutions, documentary evidence, or a combination of both.

Where the Company is unable to verify a customer's identity satisfactorily, it may suspend or restrict account functionality until the required verification has been completed.

3. Risk-Based Customer Due Diligence

The Company assesses each customer using a risk-based methodology designed to determine the appropriate level of due diligence.

Factors considered include:

  • Country of residence or geographical exposure;
  • Transaction values and frequency;
  • Nature of gaming activity;
  • Payment methods used;
  • Source of funds indicators; and
  • Other risk factors identified through ongoing monitoring.

Customers presenting elevated risk may be subject to Enhanced Due Diligence ("EDD") measures.

EDD may include:

  • Collection of additional identification documents;
  • Independent verification of customer information;
  • Verification of source of funds or source of wealth;
  • Enhanced transaction monitoring; and
  • Approval from senior compliance personnel before continuing the business relationship.

4. Source of Funds and Source of Wealth

To comply with applicable AML obligations, the Company may require customers to demonstrate the lawful origin of monies used through their account.

Depending on the circumstances, customers may be asked to provide documentation such as:

  • Bank statements;
  • Salary or employment records;
  • Tax documentation;
  • Business ownership records;
  • Investment portfolios;
  • Inheritance documentation; or
  • Contracts relating to the sale of assets.

Failure to provide satisfactory evidence within a reasonable period may result in restrictions being placed on the customer account until the review has been completed.

5. Ongoing Customer Monitoring

The Company performs ongoing monitoring throughout the customer relationship to identify unusual or suspicious activity.

Monitoring activities may identify:

  • Unusual deposit or withdrawal behaviour;
  • Transactions inconsistent with the customer's expected profile;
  • Rapid movement of funds;
  • Minimal gaming activity relative to deposited funds;
  • Structured transactions intended to avoid regulatory controls; and
  • Any activity that may indicate financial crime.

Where necessary, additional enquiries or verification measures may be undertaken before further account activity is permitted.

6. Withdrawal Controls and Verification Thresholds

The Company applies verification measures before processing withdrawals where necessary to satisfy AML, fraud prevention, and regulatory obligations.

Customers may be required to complete identity verification before withdrawals are processed where their cumulative deposits exceed €2,000.

For this purpose, cumulative deposits may be calculated:

  • on a daily cumulative basis, taking into account all deposits made by the customer since the commencement of the business relationship; or
  • across a rolling period of one hundred and eighty (180) days.

Where additional verification is required, withdrawal requests may remain pending until the requested information has been reviewed and approved.

The Company may also require customers to provide supplementary documentation relating to their identity, payment methods, source of funds, or other information necessary to satisfy legal or regulatory obligations before withdrawals are authorised.

7. Sanctions and Politically Exposed Persons

The Company conducts sanctions and Politically Exposed Person ("PEP") screening during customer onboarding and periodically throughout the business relationship.

Screening may be performed against:

  • European Union sanctions lists;
  • United Nations sanctions lists;
  • Applicable national sanctions registers;
  • Politically Exposed Person databases; and
  • Other recognised compliance screening databases.

Potential matches are reviewed by appropriately authorised compliance personnel before any decision is taken regarding the customer relationship.

8. Suspicious Activity Reporting

Where the Company knows, suspects, or has reasonable grounds to suspect that customer activity may involve money laundering, terrorist financing, or other criminal conduct, it will fulfil its statutory obligations by submitting a Suspicious Activity Report ("SAR") to the Financial Intelligence Analysis Unit ("FIAU").

The Company is prohibited from informing any customer that a report has been submitted or that an investigation is being considered or conducted.

The Company cooperates fully with the FIAU, the Malta Gaming Authority, and all competent law enforcement authorities.

9. Customer Responsibilities

Customers are expected to:

  • provide accurate, complete, and current information during registration;
  • notify the Company promptly of any material changes to their personal information;
  • respond to requests for verification within reasonable timeframes;
  • provide authentic documentation where requested; and
  • cooperate with compliance reviews conducted by the Company.

Failure to comply with these obligations may result in limitations being placed on the account, suspension of services, refusal of transactions, or termination of the business relationship.

10. Internal Governance and Compliance

The Company's AML and KYC framework is supported through appropriate governance arrangements, including:

  • appointment of a Money Laundering Reporting Officer (MLRO);
  • documented AML/CTF policies and procedures;
  • internal reporting and escalation mechanisms;
  • enterprise-wide financial crime risk assessments;
  • periodic compliance monitoring; and
  • mandatory AML/CTF training for relevant employees.

The effectiveness of the Company's AML controls is reviewed regularly to ensure continued compliance with applicable legal and regulatory requirements.

11. Record Retention and Data Protection

The Company retains customer identification records, transaction information, monitoring records, risk assessments, and regulatory reporting documentation in accordance with applicable Maltese legislation.

Unless a longer retention period is required by law, such records are maintained for a minimum of five (5) years following the end of the business relationship or the completion of the relevant transaction.

Personal information collected under this Policy is processed in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR). Access to customer information is restricted to authorised personnel and disclosed only where required by law or to competent regulatory authorities.

12. Policy Review

This Policy forms part of the Company's overall compliance framework and is reviewed periodically to ensure that it remains consistent with legislative developments, regulatory expectations, and the Company's operational risk profile.

The Company reserves the right to amend this Policy at any time. The current version will be made available through the Company's official customer communication channels.

Đang tải