Register
Login

Anti-Money Laundering (AML) Policy – MOCEAN LTD

1. Introduction

MOCEAN LTD (hereinafter referred to as the “Company”), a financial institution accredited by the Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan since 30th October 2020, and duly registered as a Money Services Business (MSB) with the U.S. Department of the Treasury – Financial Crimes Enforcement Network (FinCEN) under Registration No. 31000301383065, is committed to the highest standards of anti–money laundering (AML), counter-terrorist financing (CTF), and financial crime compliance.

In recognition of its legal and regulatory obligations, the Company has developed and implemented a robust Anti–Money Laundering and Counter–Terrorism Financing Policy (“AML/CTF Policy”) designed to prevent the Company’s operations from being exploited for illicit purposes, including money laundering, terrorist financing, and other unlawful financial activity. This policy reflects the Company’s commitment to full compliance with applicable national and international AML/CTF legal frameworks and regulatory standards.

Specifically, this AML/CTF Policy is implemented in accordance with the following legal and regulatory instruments:

  • The Law of the Republic of Kazakhstan “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism” (hereinafter referred to as the “Kazakhstan AML Law”), which mandates financial institutions to implement internal control systems, identify and verify customers, report suspicious transactions, and cooperate with the authorized regulatory bodies;
  • The United States Bank Secrecy Act (BSA), codified at 31 U.S.C. §§ 5311–5332, and its implementing regulations (31 CFR Chapter X), which require MSBs to maintain effective AML programs, file currency transaction reports (CTRs), suspicious activity reports (SARs), and maintain transaction records in a manner consistent with U.S. federal standards;
  • FinCEN Rules and Guidance, including applicable interpretive rulings, advisory notices, and enforcement priorities issued by the Financial Crimes Enforcement Network of the U.S. Department of the Treasury, which provide direction for risk-based AML compliance programs for MSBs operating under U.S. jurisdiction;
  • The Recommendations of the Financial Action Task Force (FATF), to the extent applicable, particularly with respect to risk assessment, customer due diligence (CDD), record-keeping, and the detection and reporting of suspicious transactions. As a globally recognized standard-setting body, FATF provides a framework for effective measures to combat money laundering, terrorist financing, and proliferation financing.

This AML/CTF Policy constitutes an integral part of the Company’s internal compliance regime and is subject to periodic review and enhancement to reflect changes in legal requirements, regulatory expectations, and emerging risks. It outlines the Company’s internal controls, compliance functions, training obligations, transaction monitoring mechanisms, and reporting procedures that ensure adherence to applicable AML/CTF laws, rules, and guidance in every jurisdiction in which the Company operates. The Company’s Board of Directors and senior management are fully committed to fostering a culture of compliance and integrity and have designated appropriately qualified personnel to oversee the effective implementation and ongoing monitoring of this AML/CTF Policy.

2. Policy Objective

The objective of this Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Policy is to establish a comprehensive, risk-based compliance framework that ensures MOCEAN LTD operates in full conformity with applicable legal and regulatory requirements and global best practices for the prevention of financial crime.

The AML/CTF Policy aims to:

  • Prevent the misuse of MOCEAN LTD’s digital asset and payment-related services for money laundering, terrorist financing, and other forms of illicit financial activity, by establishing robust internal control systems, governance structures, and due diligence procedures that align with the requirements set forth under:
    • The Law of the Republic of Kazakhstan “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism”;
    • The United States Bank Secrecy Act (BSA) and its implementing regulations;
    • Relevant FinCEN Guidance applicable to Money Services Businesses;
    • The FATF Recommendations on a risk-based approach to AML/CTF compliance.
  • Ensure the prompt identification, escalation, and reporting of suspicious transactions or activity, through the establishment of internal mechanisms for:
    • Ongoing customer and transaction monitoring;
    • Filing of Suspicious Activity Reports (SARs) and other mandatory reports with competent regulatory and law enforcement authorities;
    • Maintaining detailed records and audit trails in accordance with statutory retention requirements.
  • Implement a risk-based compliance framework tailored to the unique risk exposures associated with MOCEAN LTD’s digital financial services, including:
    • Cryptocurrency issuance and tokenized asset management;
    • Cryptocurrency trading platforms and exchange operations;
    • Custodial and non-custodial wallet services;
    • Fiat-to-crypto and crypto-to-fiat payment processing.

This includes the application of Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) measures proportionate to the level of money laundering or terrorist financing risk identified across different customer types, geographic regions, transaction volumes, and product lines.

Additionally, MOCEAN LTD is committed to maintaining a proactive compliance culture, supported by:

  • Ongoing training of relevant personnel on AML/CTF obligations;
  • Periodic independent audits and compliance assessments;
  • Senior management oversight and clear lines of responsibility for AML/CTF governance.

Through this Policy, MOCEAN LTD endeavors not only to comply with legal and regulatory requirements, but also to contribute meaningfully to the integrity, transparency, and security of the global financial system, particularly within the evolving landscape of digital assets and payments.

3. Scope

This Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Policy applies comprehensively to all persons and entities engaged with or operating under the auspices of MOCEAN LTD. It establishes the universal applicability of the Company’s compliance obligations and the shared responsibility for the prevention of money laundering, terrorist financing, and other financial crimes.

The policy governs the conduct and responsibilities of the following categories of individuals and entities:

a) Employees, Officers, and Directors

This Policy is binding on all employees, officers, executives, and members of the Board of Directors of MOCEAN LTD. Each individual is expected to act in full compliance with the AML/CTF framework as established herein and under applicable legal and regulatory requirements. All personnel must:

  • Complete AML/CTF training programs as required by law and internal policy;
  • Understand their role in monitoring, detecting, and reporting suspicious activity;
  • Ensure adherence to internal controls and reporting procedures;
  • Cooperate with regulatory authorities during audits, examinations, or investigations.

b) Agents, Contractors, and Third-Party Service Providers

Any individual or entity acting on behalf of, or providing services to, MOCEAN LTD under contractual, agency, outsourcing, or partnership arrangements is required to comply fully with this AML/CTF Policy. This includes, but is not limited to:

  • Technology providers involved in the operation of cryptocurrency platforms or wallets;
  • Payment processors and fiat on/off-ramp facilitators;
  • Compliance support vendors (e.g., KYC/AML verification services);
  • Any other outsourced parties engaged in the Company’s regulated or operational activities.

Such third parties must be subject to due diligence, contractual AML/CTF compliance obligations, and periodic oversight to ensure alignment with the Company’s risk appetite and applicable legal frameworks.

c) Clients and Counterparties

This Policy applies to all clients, users, customers, and counterparties who utilize MOCEAN LTD’s services, including:

  • Individuals or entities engaging in cryptocurrency issuance, purchase, exchange, custody, or sale;
  • Users of digital wallet services or virtual asset-related financial services;
  • Clients conducting cross-border or domestic fiat-based transactions via the Company’s platforms;
  • Counterparties involved in correspondent or institutional arrangements.

All such persons must undergo appropriate levels of Customer Due Diligence (CDD), including identity verification, risk assessment, and ongoing monitoring, in accordance with the Company’s internal policies and in compliance with applicable laws and regulations, including those of the Republic of Kazakhstan, the United States (BSA/FinCEN), and international AML standards.

4. AML Compliance Officer

MOCEAN LTD has appointed a qualified Anti-Money Laundering Compliance Officer (AMLCO) who holds the requisite expertise, experience, and authority to develop, implement, and maintain an effective Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) compliance program, in accordance with applicable legal, regulatory, and international standards.

The AMLCO is designated by the Company’s senior management and Board of Directors and is empowered with the necessary autonomy, access, and resources to carry out their responsibilities effectively. The AMLCO is directly accountable to executive leadership and plays a central role in the governance and enforcement of the Company’s AML/CTF framework.

The responsibilities of the AML Compliance Officer include, but are not limited to:

a) Oversight of the AML/CTF Compliance Program

  • Designing, implementing, and maintaining the Company’s risk-based AML/CTF policies, procedures, and internal controls.
  • Ensuring that the AML/CTF compliance program is consistent with applicable requirements under the Law of the Republic of Kazakhstan, the U.S. Bank Secrecy Act (BSA), FinCEN regulations, and relevant FATF Recommendations.
  • Monitoring the effectiveness of the compliance program and ensuring that it is updated regularly in response to evolving regulatory requirements, emerging risks, and business developments.

b) Regulatory Liaison and Reporting

  • Serving as the principal point of contact for communications with supervisory and law enforcement authorities, including but not limited to:
    • The Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan;
    • The U.S. Department of the Treasury – Financial Crimes Enforcement Network (FinCEN);
    • Any other relevant domestic or foreign financial intelligence units (FIUs).
  • Ensuring timely and accurate filing of Suspicious Activity Reports (SARs), Currency Transaction Reports (CTRs), and any other mandatory disclosures in accordance with jurisdictional requirements.

c) Training, Awareness, and Recordkeeping

  • Developing and overseeing the implementation of a structured AML/CTF training program tailored to the roles and responsibilities of relevant staff and contractors.
  • Ensuring that employees, agents, and applicable third parties understand their legal obligations and internal procedures related to AML/CTF compliance.
  • Establishing mechanisms to ensure the accurate retention, confidentiality, and accessibility of records, including customer identification data, transaction logs, and reporting documentation, in accordance with statutory retention periods under applicable law.

d) Risk Assessment, Monitoring, and Internal Audits

  • Conducting regular enterprise-wide AML/CTF risk assessments to identify and evaluate the level of exposure to money laundering and terrorist financing risks across different business lines, customer segments, geographies, and delivery channels.
  • Implementing monitoring systems and internal audit functions to assess the ongoing effectiveness of the AML/CTF controls, including periodic reviews, testing, and remediation of any identified deficiencies.
  • Preparing compliance reports for senior management and the Board of Directors, outlining risk trends, compliance performance, regulatory developments, and recommendations for program enhancements.

5. Know Your Customer (KYC) and Customer Due Diligence (CDD)

MOCEAN LTD has established and implements a comprehensive, risk-based Know Your Customer (KYC) and Customer Due Diligence (CDD) framework in full compliance with the applicable provisions of:

  • The Law of the Republic of Kazakhstan “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism”;
  • The U.S. Bank Secrecy Act (BSA) and its implementing regulations;
  • FinCEN’s AML guidelines for Money Services Businesses (MSBs);
  • The relevant Financial Action Task Force (FATF) Recommendations, particularly Recommendations 10–12 concerning customer due diligence, recordkeeping, and ongoing monitoring.

These procedures are critical to the prevention and detection of illicit financial activities and serve to ensure that all customer relationships are transparent, lawful, and proportional to their assessed risk.

5.1 Risk-Based Approach to KYC/CDD

MOCEAN LTD applies a risk-based approach (RBA) to CDD, whereby the level of verification, scrutiny, and ongoing monitoring is commensurate with the assessed risk profile of each customer or business relationship. The factors considered in this risk assessment include:

  • Customer type and background (e.g., individual, corporate, PEP);
  • Nature and purpose of the relationship;
  • Geographic location and jurisdictional exposure;
  • Product/service features and transaction behavior.

CDD measures are conducted both at the onboarding stage and on a continuing basis throughout the customer relationship.

5.2 Identification and Verification Requirements

In compliance with applicable KYC regulations and international best practices, MOCEAN LTD collects and verifies the following information:

a) For Individual Clients (Natural Persons):

  • Full legal name (as per government-issued ID);
  • Date of birth;
  • Nationality and country of residence;
  • Valid government-issued identification document (e.g., passport, national ID card);
  • Residential address (verified through recent utility bills, bank statements, or similar documents);
  • Source of funds and purpose of the relationship (when applicable);
  • Occupation or nature of business (where risk-appropriate).

b) For Corporate Clients (Legal Entities):

  • Certificate of incorporation or business registration;
  • Articles of association or equivalent governing documents;
  • Tax Identification Number (TIN) or equivalent;
  • List of directors and senior management;
  • Proof of business address (e.g., utility bill or bank reference);
  • Ownership structure, including UBOs holding 25% or more ownership or control interest;
  • Nature of the business and expected account activity;
  • Source of funds and geographic scope of operations.

Verification is performed using reliable, independent documentation, data, or information, and must be completed before establishing any business relationship or executing significant transactions.

5.3 Enhanced Due Diligence (EDD)

Enhanced Due Diligence (EDD) measures are applied in situations presenting a higher risk of money laundering or terrorist financing. These include, but are not limited to, the following high-risk categories:

  • Clients residing in or transacting with High-Risk Jurisdictions, as defined by:
    • The FATF list of High-Risk and Other Monitored Jurisdictions;
    • The Republic of Kazakhstan’s Financial Monitoring Agency;
    • U.S. sanctions lists (e.g., OFAC).
  • Politically Exposed Persons (PEPs), including:
    • Domestic and foreign individuals with prominent public functions;
    • Immediate family members and close associates of such individuals.
  • Clients engaging in high-value or unusually complex transactions lacking an apparent lawful or economic purpose.

EDD procedures include, but are not limited to:

  • Obtaining additional identifying information (e.g., secondary forms of ID or in-person verification);
  • Verifying source of wealth and source of funds with greater rigor;
  • Requiring senior management approval before establishing or continuing such relationships;
  • Conducting more frequent and granular transaction monitoring;
  • Applying additional verification of the client’s corporate structure and beneficial ownership.

5.4 Ongoing Due Diligence and Periodic Reviews

MOCEAN LTD conducts ongoing monitoring of customer accounts and transactional behavior to ensure consistency with the customer’s known profile and declared activities. This includes:

  • Monitoring transactions for patterns indicative of suspicious activity;
  • Identifying material changes in customer behavior, ownership, or risk profile;
  • Triggering periodic reviews of customer information based on risk level;
  • Re-validating KYC documentation at defined intervals or upon risk triggers.

All CDD/KYC records are retained in accordance with applicable laws and are made available to competent authorities upon lawful request.

6. Risk Assessment

MOCEAN LTD recognizes that the foundation of an effective Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) program is the ongoing identification, assessment, and mitigation of money laundering, terrorist financing, and other illicit finance risks. Accordingly, the Company has adopted a risk-based approach (RBA) in line with the Financial Action Task Force (FATF) Recommendations, the Law of the Republic of Kazakhstan, the U.S. Bank Secrecy Act (BSA), and relevant FinCEN guidance.

a) Purpose and Legal Basis

The purpose of the risk assessment is to enable MOCEAN LTD to identify, understand, and effectively manage the unique AML/CTF risks inherent in its cryptocurrency and fiat-related operations. This is in accordance with:

  • Article 4 of the Kazakhstan AML Law, which requires reporting entities to assess and document risks;
  • The U.S. BSA and FinCEN’s requirement for MSBs to implement risk-based AML programs;
  • International standards that promote the proportional allocation of AML/CTF resources to areas of higher risk.

b) Risk Assessment Framework

MOCEAN LTD has developed a structured and periodically reviewed AML risk assessment framework that considers the following key risk factors:

  • Customer Risk – the nature and profile of customers (e.g., individuals, legal entities, politically exposed persons (PEPs), non-residents, high-net-worth individuals).
  • Geographic Risk – exposure to jurisdictions with higher levels of corruption, inadequate AML/CTF regulations, sanctions, or known criminal activity, including high-risk and non-cooperative jurisdictions identified by FATF.
  • Product/Service Risk – the specific features of services offered, including:
    • Cryptocurrency issuance and tokenization;
    • Digital asset trading and exchange activities;
    • Wallet services (custodial and non-custodial);
    • Payment and remittance processing.
  • Delivery Channel Risk – the method of customer onboarding and service delivery (e.g., remote/digital onboarding, third-party introducers, peer-to-peer functionality).

c) Risk Classification and Controls

Based on the assessment of these factors, the Company classifies the AML/CTF risk of each business activity, customer, and transaction into categories (e.g., low, medium, or high risk). Enhanced Due Diligence (EDD) measures are applied to relationships and transactions deemed to pose a higher risk of money laundering or terrorist financing.

Examples of high-risk scenarios requiring enhanced controls include:

  • Anonymous or pseudonymous cryptocurrency transactions;
  • Customers from jurisdictions subject to sanctions or increased monitoring;
  • Complex or unusually large transactions lacking a clear economic or lawful purpose.

d) Ongoing Risk Review

The risk assessment is reviewed and updated:

  • At least annually, or more frequently as warranted by changes in law, regulation, business operations, or the threat landscape;
  • Upon the introduction of new products, services, or technologies;
  • Following any material compliance incidents or internal audit findings.

The findings from the risk assessment directly inform the design and calibration of the Company’s AML/CTF compliance program, including:

  • Customer Due Diligence (CDD) procedures;
  • Transaction monitoring rules;
  • Resource allocation and staff training;
  • Internal audit planning.

MOCEAN LTD’s AML Compliance Officer is responsible for ensuring that the risk assessment is documented, validated, and approved by senior management, and that it serves as a living document integrated into the Company’s overall compliance governance structure.

7. Transaction Monitoring

MOCEAN LTD employs a robust and risk-sensitive Transaction Monitoring (TM) program to detect, analyze, and escalate potentially suspicious activities in accordance with applicable anti-money laundering (AML) and counter-terrorism financing (CTF) obligations under:

  • The Law of the Republic of Kazakhstan “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism”;
  • The U.S. Bank Secrecy Act (BSA) and related FinCEN regulations for Money Services Businesses (MSBs);
  • The Financial Action Task Force (FATF) Recommendations, particularly those applicable to Virtual Asset Service Providers (VASPs);
  • Applicable global sanctions regimes, including but not limited to OFAC, UN, EU, and Kazakhstan’s national sanctions list.

7.1 Objectives

The transaction monitoring program is designed to:

  • Detect patterns or behaviors that may indicate money laundering, terrorist financing, or other illicit financial activities;
  • Enable timely identification and investigation of suspicious transactions;
  • Generate alerts for further compliance review, escalation, or regulatory reporting as needed;
  • Ensure ongoing surveillance of customer activity consistent with their risk profile.

7.2 Monitoring Systems and Methodologies

MOCEAN LTD uses a combination of automated surveillance tools and manual review protocols to monitor both fiat and cryptocurrency transaction flows across its platforms. These systems are calibrated to identify and flag indicators of unusual, anomalous, or high-risk behavior, including but not limited to:

  • Structuring (Smurfing): Deliberate splitting of large transactions into multiple smaller transactions to evade reporting thresholds.
  • Rapid Inflow and Outflow Patterns: High-frequency transactions involving rapid deposits and withdrawals across crypto and fiat channels without a clear business or personal justification.
  • High-Value or Unusual Transactions: Transactions that are significantly above average for the customer’s profile or inconsistent with historical behavior.
  • Transaction Velocity and Volume: Elevated frequency or volume of virtual asset transfers inconsistent with the customer’s known activities or risk rating.
  • Jurisdictional Risk Indicators: Transactions involving or routed through high-risk jurisdictions identified by FATF or other competent authorities.
  • Wallet Risk Assessment: Interactions with blacklisted, sanctioned, or flagged wallets, including those identified on blockchain intelligence platforms or by law enforcement.
  • Use of Anonymity-Enhanced Technologies: Use of privacy coins, tumblers, mixers, or decentralized exchanges that may obscure transaction origins or destinations.
  • Chain Hopping: Rapid conversion across different types of virtual assets or blockchains without clear commercial rationale.

7.3 Risk-Based Alert Review and Escalation

Upon detection of potential red flags, the Compliance Department performs a tiered investigation that may include:

  • Contextual review of the customer’s profile, transactional history, and risk classification;
  • Analysis of supporting documentation or business rationale;
  • Use of blockchain analytics tools to trace source and destination of funds;
  • Assignment of risk scores or escalation to Enhanced Due Diligence (EDD);
  • Filing of Suspicious Activity Reports (SARs) or equivalent disclosures with the relevant Financial Intelligence Unit (FIU).

High-risk alerts are prioritized and escalated to the AML Compliance Officer (AMLCO) for further investigation and regulatory reporting decisions.

7.4 Ongoing System Calibration and Governance

MOCEAN LTD’s transaction monitoring rules and risk models are regularly reviewed and updated to:

  • Align with emerging typologies and red flags identified by regulators and international bodies (e.g., FATF, FinCEN, Egmont Group);
  • Reflect the evolving risk landscape associated with virtual asset technologies;
  • Ensure effectiveness and efficiency of controls through metrics, testing, and audit findings;
  • Incorporate feedback from regulatory examinations and internal compliance reviews.

System parameters may be fine-tuned based on customer segmentation; product-specific risk factors, jurisdictional exposures, and lessons learned from internal case studies.

8. Suspicious Activity Reporting (SAR)

MOCEAN LTD maintains robust internal procedures to identify, investigate, and report suspicious activities or transactions that may involve money laundering, terrorist financing, sanctions evasion, or other criminal conduct. These procedures are aligned with the legal and regulatory requirements under:

  • The Law of the Republic of Kazakhstan “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism”, including mandatory reporting obligations to the Financial Monitoring Agency;
  • The U.S. Bank Secrecy Act (BSA) and FinCEN regulations applicable to Money Services Businesses (MSBs);
  • The FATF Recommendations concerning suspicious transaction reporting and the role of Financial Intelligence Units (FIUs);
  • Other applicable international laws, standards, and inter-agency cooperation guidelines.

8.1 Reporting Obligation

MOCEAN LTD is legally obligated to file a Suspicious Activity Report (SAR) or equivalent suspicious transaction report (STR) when:

  • A transaction is suspected to involve the proceeds of crime, terrorist financing, fraud, or any other illicit activity;
  • The transaction lacks an apparent lawful purpose or economic justification and cannot be reasonably explained after appropriate inquiry;
  • There is reasonable ground to suspect that a transaction or pattern of transactions is intended to evade AML/CFT controls, such as structuring or use of privacy-enhancing technologies;
  • The transaction involves sanctioned persons or jurisdictions;
  • The customer’s behavior suggests an attempt to deceive or mislead the institution regarding identity, source of funds, or transaction purpose.

Reporting is required regardless of the transaction amount, and even if the transaction is not completed.

8.2 Internal Escalation and Investigation Process

Upon detection of suspicious activity through transaction monitoring, customer interaction, or employee observation, the following process applies:

  1. Initial Detection: The Compliance Department reviews the flagged activity or receives a report from a front-line employee, automated system, or external source.
  2. Preliminary Analysis: A designated compliance analyst evaluates the context, background, and available documentation to determine whether there is a reasonable basis for suspicion.
  3. Case Escalation: If suspicion remains, the case is escalated to the AML Compliance Officer (AMLCO) for formal review and final determination.
  4. SAR Preparation: If the AMLCO determines that a SAR filing is warranted, the report is drafted with complete, accurate, and non-speculative information, including:
    • Transaction details (amount, date, asset type, counterparty wallet);
    • Customer and counterparty identities (to the extent known);
    • Description of the suspicious indicators and rationale;
    • Supporting documentation and any internal notes.
  5. SAR Submission: The SAR is filed with the appropriate Financial Intelligence Unit (e.g., Financial Monitoring Agency of Kazakhstan, FinCEN in the United States) within the statutory deadline (typically 15 business days from detection in Kazakhstan; 30 days under U.S. rules).

8.3 Confidentiality and Legal Protections

MOCEAN LTD ensures strict confidentiality of SARs and internal investigations. The following legal requirements are enforced:

  • Employees and officers are prohibited from disclosing (tipping off) the existence or content of a SAR or the fact that a report has been submitted.
  • SARs and related records are maintained securely and are accessible only to authorized compliance personnel.
  • Individuals who file or contribute to a SAR in good faith are protected from civil or criminal liability under relevant laws in Kazakhstan and the United States.

8.4 Staff Reporting Responsibilities

All employees, officers, and agents of MOCEAN LTD are required to promptly report any activity they consider suspicious to the Compliance Department or AMLCO. The Company provides training to ensure staff understand how to recognize suspicious behavior and the appropriate escalation channels.

8.5 Recordkeeping

All SARs, supporting documents, and related internal communications are retained for no less than five (5) years from the date of filing, or longer if required by applicable law or ongoing regulatory investigation.

9. Sanctions Compliance

MOCEAN LTD is committed to full compliance with all applicable economic and trade sanctions laws and regulations imposed by competent authorities, including but not limited to:

  • The Republic of Kazakhstan’s sanctions regime, enforced by the Financial Monitoring Agency and other relevant bodies;
  • The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctions programs;
  • United Nations (UN) Security Council sanctions resolutions;
  • European Union (EU) restrictive measures;
  • Other applicable international sanctions lists or embargoes relevant to jurisdictions in which MOCEAN LTD operates.

As a financial institution and Virtual Asset Service Provider (VASP), MOCEAN LTD recognizes that failure to adhere to sanctions compliance obligations can result in serious legal, financial, and reputational consequences, including criminal liability.

9.1 Sanctions Screening

MOCEAN LTD conducts real-time and periodic sanctions screening against all relevant watchlists to ensure that it does not:

  • Establish business relationships with designated persons or entities (e.g., individuals, companies, crypto wallets, or virtual asset addresses subject to sanctions);
  • Facilitate or process transactions involving sanctioned countries, territories, or regimes;
  • Provide services that indirectly benefit sanctioned parties, including through intermediaries, affiliates, or shell structures.

Screening is conducted at the following stages:

  • Customer onboarding (individuals and legal entities);
  • Ongoing customer due diligence (CDD);
  • Transaction execution, including wallet-to-wallet transfers;
  • Periodic batch rescreening of all existing clients and counterparties;
  • Third-party vendors, contractors, and agents performing relevant services.

MOCEAN LTD uses advanced automated screening systems supplemented by manual review protocols to detect and address name matches, fuzzy logic results, and potential false positives.

9.2 Sanctioned Virtual Asset Addresses

MOCEAN LTD maintains and updates a blocklist of virtual asset wallet addresses identified as linked to:

  • Sanctioned individuals or entities (e.g., as published by OFAC’s SDN list or the UN Consolidated List);
  • Illicit actors involved in money laundering, terrorism financing, ransomware operations, or darknet marketplaces;
  • Blockchain intelligence firms’ alerts and typologies involving mixers, tumblers, or high-risk DeFi protocols.

The Company proactively blocks, flags, and escalates any interaction—direct or indirect—with such addresses. Where required, transactions are halted, funds are frozen, and a report is filed with the appropriate authority.

9.3 Risk-Based Jurisdictional Controls

To manage exposure to high-risk or sanctioned jurisdictions, MOCEAN LTD enforces geofencing, IP address blocking, and customer segmentation based on country risk classifications. The Company does not permit onboarding or transacting with individuals or entities located in:

  • Comprehensively sanctioned jurisdictions, such as North Korea, Iran, and Syria;
  • Jurisdictions subject to targeted financial sanctions unless explicitly permitted by law and with enhanced controls;
  • Other high-risk jurisdictions identified by the FATF as subject to a call for action or strategic deficiencies.

9.4 Internal Governance and Escalation

  • All sanctions alerts are promptly reviewed by the Compliance Department.
  • True positive matches or transactions involving sanctions risk are escalated to the AML Compliance Officer (AMLCO) for final determination and regulatory reporting.
  • Where applicable, blocked transactions or accounts are reported to the competent sanctions enforcement authority (e.g., OFAC, Kazakhstan’s Financial Monitoring Agency) in accordance with statutory timelines.

9.5 Training and Awareness

All employees, agents, and relevant third parties receive annual training on sanctions compliance obligations, including:

  • How to identify and escalate sanctions alerts;
  • The legal consequences of violations;
  • Procedures for handling sanctions matches and avoiding “tipping off.”

The Company’s training is regularly updated to reflect changes in sanctions programs and emerging geopolitical risks.

10. Training and Awareness

MOCEAN LTD recognizes that a well-informed and vigilant workforce is essential for the effective implementation of its Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) framework. Accordingly, the Company maintains a structured and mandatory AML/CTF Training and Awareness Program, designed to ensure that all relevant personnel understand their legal obligations, the Company’s internal controls, and the risks associated with virtual asset services.

This program is implemented in accordance with:

  • The Law of the Republic of Kazakhstan on Combating Legalization (Laundering) of Proceeds from Crime and Financing of Terrorism;
  • The U.S. Bank Secrecy Act (BSA) and related FinCEN requirements for Money Services Businesses (MSBs);
  • The FATF Recommendations, particularly Recommendation 18 (Internal Controls and Foreign Branches/Subsidiaries);
  • Regulatory expectations applicable to Virtual Asset Service Providers (VASPs) operating in multiple jurisdictions.

10.1 Scope and Applicability

AML/CTF training is mandatory for the following categories of individuals:

  • All employees, including front-line, operations, finance, technology, and customer service teams;
  • Senior management, officers, and members of the board of directors;
  • Designated AML Compliance Officer (AMLCO) and members of the Compliance Department;
  • Contractors, agents, and third-party service providers performing client-facing or transaction-processing duties on behalf of MOCEAN LTD.

10.2 Training Objectives

The core objectives of MOCEAN LTD’s AML/CTF training program are to:

  • Educate employees about the risks of money laundering, terrorism financing, sanctions evasion, and the misuse of digital assets;
  • Ensure awareness of the Company’s AML policies, procedures, and controls;
  • Train staff on how to recognize and respond to suspicious behavior, red flags, and reportable transactions;
  • Promote understanding of legal and regulatory obligations, including SAR filing requirements, KYC/CDD protocols, and sanctions compliance;
  • Reinforce the importance of recordkeeping, confidentiality, and compliance culture.

10.3 Frequency and Format

  • Initial Training: All new hires must complete AML/CTF training within 30 days of joining the Company.
  • Ongoing Training: All applicable staff must complete annual refresher training.
  • Targeted Training: Role-specific modules (e.g., transaction monitoring, blockchain analytics, sanctions handling) are delivered to employees in high-risk or specialized functions.
  • Ad-hoc Training: Additional training is provided when significant regulatory changes occur or when audit findings warrant reinforcement.

Training is delivered through a combination of:

  • Interactive e-learning platforms;
  • Instructor-led workshops and seminars;
  • Case studies and typology analysis;
  • Scenario-based assessments and quizzes.

10.4 Assessment and Certification

All participants are required to pass a knowledge assessment upon completion of training. A training completion certificate is issued and retained in the employee's compliance record.

Failure to complete required training or to pass assessments may result in disciplinary action, up to and including suspension from sensitive duties.

10.5 Recordkeeping and Audit Trail

MOCEAN LTD maintains detailed records of:

  • Training attendance logs;
  • Training materials and curriculum;
  • Completion certifications;
  • Assessment results and feedback;
  • Dates and frequency of training activities.

These records are retained for a minimum of five (5) years or as otherwise required by applicable law and are subject to internal audit and regulatory examination.

10.6 Responsibility and Oversight

The AML Compliance Officer (AMLCO) is responsible for:

  • Designing, updating, and overseeing the AML/CTF training program;
  • Ensuring consistency with emerging risks, new regulatory developments, and evolving best practices;
  • Reporting training completion metrics and deficiencies to senior management and the board.

11. Recordkeeping and Data Retention

MOCEAN LTD maintains a robust and legally compliant recordkeeping framework designed to ensure the accurate retention, retrieval, and protection of all documents and data generated in the course of conducting Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) compliance activities. This is in accordance with the requirements of:

  • The Law of the Republic of Kazakhstan “On Combating the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism”;
  • The U.S. Bank Secrecy Act (BSA) and FinCEN recordkeeping obligations applicable to Money Services Businesses (MSBs);
  • Applicable Financial Action Task Force (FATF) Recommendations, specifically Recommendation 11 (Recordkeeping);
  • Any additional jurisdiction-specific laws and data retention regulations relevant to MOCEAN LTD’s operations.

11.1 Purpose and Legal Basis

The objective of the Company’s recordkeeping program is to:

  • Ensure that all records are sufficient to reconstruct individual transactions (including cryptocurrency transfers and fiat operations)...
  • Maintain adequate audit trails and documentation...
  • Facilitate timely reporting and disclosure to financial intelligence units (FIUs)...

11.2 Types of Records Retained

MOCEAN LTD retains the following categories of information and documentation:

A. Customer Due Diligence (CDD) Records

  • Identity verification documents...
  • Corporate documents...
  • Risk assessments, KYC forms...

B. Transaction Records

  • Transaction data including dates, amounts...
  • Source of funds and destination details
  • Transaction monitoring flags, alerts...

C. Suspicious Activity Reporting (SAR/STR) Records

  • Internal investigation notes...
  • Final SAR/STR filings and acknowledgment receipts...
  • Supporting documents...

D. Training and Internal Controls

  • Staff training logs, attendance, certificates
  • Audit reports and compliance testing results
  • Policy updates, board approvals...

11.3 Retention Period

MOCEAN LTD retains all relevant AML/CTF-related records for a minimum of five (5) years...

  • CDD and onboarding records...
  • Transaction records...
  • SARs and internal investigation documents...
  • Training and internal audit records...

The Company reserves the right to extend retention periods...

11.4 Data Protection and Access Controls

To ensure confidentiality, integrity, and security of retained records, MOCEAN LTD implements the following measures:

  • Access to records is strictly limited...
  • Encryption, multi-factor authentication...
  • All physical records...
  • A formal record destruction policy...

11.5 Audit Trail and Regulatory Cooperation

All retained records are indexed and maintained to ensure full traceability...

  • Competent regulatory authorities...
  • Law enforcement or judicial authorities...
  • Independent auditors and legal counsel...

12. Independent Audit and Program Review

MOCEAN LTD is committed to ensuring the effectiveness, integrity, and continuous improvement of its Anti-Money Laundering (AML)...

This obligation is fulfilled in accordance with:

  • The Law of the Republic of Kazakhstan...
  • The U.S. Bank Secrecy Act (BSA)...
  • FATF Recommendation 18...
  • Local and international VASP compliance standards

12.1 Objective

The objective of the independent audit function is to:

  • Evaluate whether the AML/CTF compliance program is operating effectively...
  • Identify weaknesses, inefficiencies, or gaps...
  • Assess the quality and effectiveness of transaction monitoring...
  • Provide actionable recommendations...

12.2 Frequency and Scope

  • An independent AML audit is conducted at least annually or more frequently in the event of:
    • Material changes to the regulatory framework
    • Introduction of new products or technologies
    • Deficiencies identified by regulators
    • High-risk incidents or violations
  • The scope of the audit covers:
    • Governance and AMLCO oversight
    • Risk assessments
    • KYC/CDD/EDD procedures
    • Monitoring and reporting systems
    • Sanctions compliance
    • Training and awareness
    • Record retention and system security

12.3 Independence and Qualifications

  • Audits are performed by qualified internal personnel or external experts...
  • Auditor selection is based on experience and regulatory knowledge...

12.4 Audit Findings and Corrective Actions

  • Audit reports are submitted to senior management and the Board
  • Findings are categorized and include remediation plans
  • Compliance Department responsibilities:
    • Developing and implementing corrective actions
    • Monitoring remediation progress
    • Reporting to management and documenting actions

12.5 Regulator Access and Cooperation

MOCEAN LTD maintains full transparency with supervisory and regulatory bodies. Upon request, audit reports and remediation evidence are made available to:

  • The Financial Monitoring Agency of Kazakhstan
  • The U.S. FinCEN
  • Other competent authorities as required

13. Enforcement

Strict adherence to this AML Policy is mandatory. Non-compliance with the provisions set forth herein will result in enforcement actions, which may include:

  • Disciplinary Measures: Any employee, contractor, officer, or agent found to be in violation of this AML Policy may be subject to internal disciplinary measures, up to and including termination of employment or cessation of business relationships;
  • Regulatory Reporting: MOCEAN LTD reserves the right to notify competent regulatory or law enforcement authorities of any breaches, suspected breaches, or criminal conduct identified during the course of business operations;
  • Legal Consequences: Non-compliance with AML/CTF laws and regulatory obligations may expose the individual and/or MOCEAN LTD to civil penalties, administrative sanctions, and criminal prosecution as per applicable jurisdictional laws.

All employees and associated persons are required to acknowledge their understanding of this policy and their obligation to report actual or suspected violations through the appropriate internal channels.

14. Policy Governance and Review

The AML Policy of MOCEAN LTD is governed and overseen by the Company's Board of Directors and Senior Management. The AML Compliance Officer (AMLCO) holds primary responsibility for implementing, reviewing, and updating this policy in accordance with legal and regulatory developments.

14.1 Governance Responsibilities

  • The Board ensures the AML Policy is appropriately resourced and supported by senior management;
  • The AMLCO reports on compliance performance, emerging risks, and key metrics to the Board on a regular basis;
  • Internal committees may be established to monitor and support AML compliance across business functions.

14.2 Review and Updates

  • This policy is subject to a formal review at least annually or upon:
    • Significant changes to the Company's services or client base;
    • Amendments to applicable AML/CFT laws and regulatory expectations;
    • Identification of material control deficiencies through audits, reviews, or regulatory findings.
  • All policy changes must be approved by senior management and the Board, and communicated to relevant stakeholders in a timely manner.

MOCEAN LTD is committed to maintaining a dynamic and responsive AML compliance program that adapts to evolving risks and upholds the highest standards of legal and regulatory integrity.