OGNIMOHUB MFS Transaction, KYC & AML Policy Know Your Customer | Anti-Money Laundering | Counter-Financing of Terrorism Version 2.0 | Effective Date: May 12, 2026 | Classification: Confidential |
REGULATORY COMPLIANCE NOTICE |
This Policy is established in compliance with applicable Anti-Money Laundering (AML), Counter-Financing of Terrorism (CFT), and financial regulatory obligations. All Ognimohub staff, agents, and partners involved in financial services operations are required to read, understand, and adhere to this Policy in full. Non-compliance may result in disciplinary action, regulatory sanctions, and criminal liability. |
Table of Contents
Section | Title |
|---|---|
1 | Purpose, Scope, and Regulatory Framework |
2 | Definitions |
3 | Governance, Roles, and Responsibilities |
4 | Customer Due Diligence (CDD) and KYC Requirements |
5 | Enhanced Due Diligence (EDD) |
6 | Simplified Due Diligence (SDD) |
7 | Politically Exposed Persons (PEPs) |
8 | Sanctions Screening |
9 | Transaction Monitoring |
10 | Transaction Limits and Controls |
11 | Suspicious Activity Reporting (SAR/STR) |
12 | Record Keeping and Retention |
13 | Risk-Based Approach and Customer Risk Rating |
14 | Staff Training and Awareness |
15 | Third-Party Reliance and Outsourcing |
16 | Policy Review and Audit |
17 | Escalation and Contact |
1. Purpose, Scope, and Regulatory Framework
1.1 Purpose
This Transaction, KYC & AML Policy ("Policy") establishes Ognimohub's comprehensive framework for preventing, detecting, and reporting money laundering, terrorism financing, and other financial crimes facilitated through our Mobile Finance Services platform. It defines the standards, procedures, and controls governing customer identification and verification, transaction monitoring, risk assessment, and our legal and regulatory reporting obligations.
Ognimohub is committed to the highest standards of financial integrity and to ensuring that our platforms and services are not exploited as vehicles for financial crime. This Policy is a living document reviewed regularly to remain aligned with evolving regulatory requirements and emerging financial crime typologies.
1.2 Scope
This Policy applies to:
All Ognimohub MFS products and services including digital wallets, domestic and international money transfers, bill payments, merchant payments, and all other licensed financial products.
All Ognimohub employees, directors, officers, agents, contractors, and third parties performing functions on behalf of Ognimohub in connection with financial services delivery.
All customers, prospective customers, and beneficial owners of accounts on the Ognimohub MFS platform, irrespective of transaction value, channel, or geography.
All transactions processed through the Ognimohub platform in any currency or form.
1.3 Regulatory Framework
This Policy is established in compliance with the following applicable legal, regulatory, and international frameworks:
Financial Action Task Force (FATF) Recommendations — the international standard for AML/CFT compliance, including the risk-based approach to customer due diligence.
Applicable national Anti-Money Laundering and Proceeds of Crime legislation in all jurisdictions where Ognimohub is licensed to operate.
Counter-Financing of Terrorism (CFT) legislation and regulatory directives.
Central Bank and Financial Intelligence Unit (FIU) regulations and guidelines governing mobile money and digital financial services.
Payment Services Regulations applicable to Ognimohub's licensed financial activities.
United Nations Security Council (UNSC) sanctions resolutions and applicable national and international sanctions regimes.
General Data Protection Regulation (GDPR) and applicable privacy laws governing personal data collected during KYC and AML processes.
Wolfsberg Group Principles on AML/CFT for correspondent banking and digital financial services.
2. Definitions
The following terms carry the meanings defined below throughout this Policy:
Term | Definition |
|---|---|
AML | Anti-Money Laundering — laws, regulations, and procedures designed to prevent the proceeds of crime from being disguised as legitimate income. |
CFT | Counter-Financing of Terrorism — measures to detect, prevent, and disrupt financial flows that support terrorist activities. |
KYC | Know Your Customer — the process of verifying customer identity and understanding account purpose and transaction behavior to assess financial crime risk. |
CDD | Customer Due Diligence — standard identity verification and risk assessment applied to all customers at onboarding and on an ongoing basis. |
EDD | Enhanced Due Diligence — additional, more rigorous verification and closer ongoing monitoring applied to higher-risk customers, transactions, and relationships. |
SDD | Simplified Due Diligence — a reduced level of due diligence permissible in defined low-risk circumstances as prescribed by applicable regulation. |
PEP | Politically Exposed Person — an individual who holds or has held a prominent public function, or a close associate or family member of such a person, who presents elevated corruption and financial crime risk. |
SAR / STR | Suspicious Activity / Transaction Report — a formal report filed with the relevant Financial Intelligence Unit (FIU) when suspicious activity or a suspicious transaction is identified. |
FIU | Financial Intelligence Unit — the national body responsible for receiving, analyzing, and acting on financial intelligence relating to suspected money laundering and terrorism financing. |
Beneficial Owner | The natural person(s) who ultimately own or control a legal entity, arrangement, or account, or on whose behalf a transaction or activity is conducted. |
Tipping Off | The criminal offence of disclosing to a subject — directly or indirectly — that a suspicious activity investigation is underway or that a SAR has been filed, which could prejudice such investigation. |
Risk Appetite | The level and type of AML/CFT risk Ognimohub is prepared to accept in pursuit of its business objectives, as determined by senior management and the board. |
MLCO | Money Laundering Compliance Officer — the designated officer accountable for Ognimohub's AML/CFT compliance programme. |
Sanctions | Restrictive financial and economic measures imposed by governments, the UN, or international bodies targeting designated individuals, entities, or jurisdictions. |
Source of Funds | The origin of the funds used in a specific transaction or deposited into an account. |
Source of Wealth | The total wealth of a customer and how it was accumulated over time — assessed during EDD. |
3. Governance, Roles, and Responsibilities
3.1 Board and Senior Management
The Ognimohub Board of Directors and senior management bear ultimate responsibility for the effectiveness of this Policy and the organization's AML/CFT compliance programme. Specific responsibilities include:
Approving this Policy and all material amendments, ensuring it reflects current regulatory requirements and best practice.
Establishing and maintaining a culture of compliance and zero tolerance for financial crime facilitation at all levels of the organization.
Allocating sufficient resources — financial, human, and technological — to ensure the effectiveness of the AML/CFT programme.
Receiving regular compliance reporting from the MLCO and taking appropriate action on identified deficiencies or escalated concerns.
3.2 Money Laundering Compliance Officer (MLCO)
Ognimohub has designated a Money Laundering Compliance Officer (MLCO) who is responsible for:
Day-to-day oversight and implementation of this Policy and the AML/CFT compliance programme.
Receiving, reviewing, and determining whether to file Suspicious Activity Reports (SARs) or Suspicious Transaction Reports (STRs) with the relevant FIU.
Liaising with regulatory authorities, law enforcement, and financial intelligence units on AML/CFT matters.
Overseeing staff training, policy updates, and internal AML audits.
Maintaining the AML/CFT risk register and reporting to senior management and the board on compliance status.
Acting as the primary contact point for all internal AML/CFT escalations from staff.
3.3 All Staff
All Ognimohub employees and agents with any role in customer onboarding, transaction processing, customer service, or financial operations are required to:
Read, understand, and comply with this Policy and all related AML/CFT procedures.
Complete all mandatory AML/CFT training programmes within required timeframes and upon any material policy update.
Report any suspicious customer activity, transaction, or behavior to the MLCO promptly using the internal reporting process.
Never tip off a customer, third party, or unauthorized colleague that a SAR has been filed or that an investigation is underway.
Escalate any uncertainty about whether an activity should be reported to the MLCO immediately.
4. Customer Due Diligence (CDD) and KYC Requirements
4.1 When CDD Must Be Performed
Ognimohub is required to perform Customer Due Diligence (CDD) in the following circumstances:
When establishing a new business relationship with any customer — prior to activating account access and transaction functionality.
When conducting occasional transactions at or above applicable regulatory reporting thresholds.
When there is a suspicion of money laundering or terrorism financing, regardless of transaction amount.
When there is doubt about the accuracy or adequacy of previously obtained customer identification information.
At periodic review intervals based on the customer's assigned risk rating.
4.2 Standard CDD — Individual Customers
For individual (personal) account customers, the following information and documentation must be collected, verified, and recorded:
Requirement | Details |
|---|---|
Full Legal Name | Must match government-issued identity document exactly. |
Date of Birth | Verified against identity document; used to confirm minimum age requirement. |
Nationality and Country of Residence | Required for risk assessment and sanctions screening. |
Primary Identity Document | Valid government-issued photo ID — National Identity Card, Passport, or Driver's Licence. |
Secondary / Proof of Address | Utility bill, bank statement, or government correspondence dated within 3 months (required for higher-tier accounts). |
Mobile Number Verification | OTP-verified mobile number linked to the account. |
Email Address Verification | Verified email address on record. |
Biometric / Facial Verification | Liveness check and facial match against identity document — required for MFS account activation. |
Source of Funds Declaration | Declaration of the primary income source used to fund the account (required for accounts above defined thresholds). |
4.3 Standard CDD — Business and Corporate Customers
For business, corporate, or organizational accounts, additional due diligence is required:
Certificate of Incorporation or equivalent business registration document.
Memorandum and Articles of Association or equivalent constitutional document.
Proof of registered business address.
Full KYC documentation for all directors, authorized signatories, and beneficial owners holding 10% or more of the entity.
Corporate bank account details and evidence of business activity.
Board resolution or authorization letter confirming the signatory's authority to operate the account.
Beneficial ownership register or declaration identifying all ultimate beneficial owners (UBOs).
4.4 Ongoing CDD and Periodic Review
CDD is not a one-time exercise. Ognimohub conducts ongoing monitoring of all customer relationships and performs periodic reviews in accordance with each customer's risk rating:
Risk Rating | Periodic CDD Review Frequency |
|---|---|
Low Risk | Every 3 years or upon trigger event |
Medium Risk | Every 2 years or upon trigger event |
High Risk | Annually or upon trigger event |
PEP / Sanctioned / EDD | Every 6 months or upon trigger event |
Trigger events requiring an out-of-cycle CDD review include: significant changes in transaction behavior, changes in account ownership or control, receipt of negative news, identification of links to high-risk jurisdictions, or law enforcement inquiry.
4.5 Non-Face-to-Face (Remote) Customer Onboarding
As a digital-first platform, Ognimohub conducts all customer onboarding remotely. To mitigate the higher risk associated with non-face-to-face identification, the following additional controls apply:
Mandatory biometric liveness detection and facial match verification against submitted identity documents using certified third-party verification technology.
Document authenticity checks including NFC chip reading, UV pattern verification (where applicable), and cross-referencing with national identity databases.
Mobile number verification via OTP to confirm ownership of the registered number.
Device fingerprinting and IP geolocation checks to detect anomalies and VPN/proxy usage during onboarding.
Sanctions and PEP screening performed automatically at the point of onboarding before account activation.
5. Enhanced Due Diligence (EDD)
5.1 When EDD is Required
Enhanced Due Diligence must be applied — as a minimum — in the following circumstances:
Customers identified as Politically Exposed Persons (PEPs) or close associates of PEPs — see Section 7.
Customers or transactions connected to high-risk jurisdictions designated by FATF, the EU, UNSC, or Ognimohub's internal high-risk country list.
Business relationships or transactions that are unusual in nature, structure, or volume relative to the customer's stated profile.
Corporate customers with complex ownership structures, shell company characteristics, or nominee shareholders.
Customers with an identified link to sectors presenting elevated money laundering risk, including cash-intensive businesses, real estate, precious metals, and virtual asset service providers (VASPs).
Customers flagged by automated transaction monitoring systems as high-risk.
Any situation where standard CDD is insufficient to adequately assess the risk presented.
5.2 EDD Measures
In addition to all standard CDD requirements, Enhanced Due Diligence involves one or more of the following additional measures, commensurate with the identified risk:
Senior management approval — EDD relationships must be approved by a designated senior manager or the MLCO before activation.
Source of funds verification — documentary evidence of the specific funds used in transactions (e.g. payslips, business invoices, sale proceeds, inheritance documents).
Source of wealth investigation — understanding of how the customer accumulated their total wealth over time.
Enhanced transaction monitoring — closer scrutiny of all transactions on the account, with lower thresholds for alert generation.
Adverse media and negative news screening — targeted searches of open source, commercial databases, and media archives for derogatory information.
Frequency of periodic review — EDD accounts are reviewed at least every six months or more frequently if warranted.
In-person or video verification — where the risk level warrants additional identity assurance beyond remote biometric verification.
6. Simplified Due Diligence (SDD)
Simplified Due Diligence may be applied in limited, low-risk circumstances expressly permitted by applicable regulation. SDD does not mean no due diligence — it means a reduced level of verification proportionate to the documented low risk.
SDD may be permissible for:
Low-value, low-velocity accounts with defined transaction limits, where the regulatory framework expressly permits reduced verification.
Financial institutions subject to equivalent AML/CFT supervision in jurisdictions with strong regulatory frameworks.
Government bodies and public authorities in low-risk jurisdictions.
The application of SDD must be documented, approved by the MLCO, and reviewed if any change in the customer's risk profile is detected. SDD does not exempt Ognimohub from its obligation to monitor transactions and report suspicious activity.
7. Politically Exposed Persons (PEPs)
7.1 Definition and Categories
Politically Exposed Persons (PEPs) present an elevated risk of corruption, bribery, and abuse of public office. Ognimohub applies enhanced scrutiny to all PEP relationships. PEPs are categorized as follows:
Domestic PEPs — individuals who hold or have held prominent public functions within the country of operation, including heads of state, senior government officials, members of parliament, senior judicial officers, senior military officers, and executives of state-owned enterprises.
Foreign PEPs — individuals who hold or have held a prominent public function in a foreign country.
International Organization PEPs — senior officials of international organizations such as the United Nations, IMF, World Bank, and similar bodies.
Close Associates — individuals known to be close business associates or personal associates of a PEP.
Immediate Family Members — spouses, partners, children, parents, and siblings of a PEP.
7.2 PEP Handling Requirements
All customers must be screened against PEP databases at onboarding and on an ongoing basis using Ognimohub's automated screening tools.
Where a customer is identified as a PEP or close associate, Enhanced Due Diligence must be applied as set out in Section 5.
Approval to onboard or continue a PEP relationship must be obtained from senior management or the MLCO.
PEP status does not automatically disqualify a customer from using Ognimohub's services — it triggers heightened scrutiny and ongoing monitoring.
Former PEPs — individuals who have left prominent public roles — remain subject to enhanced scrutiny for a minimum period of 12 to 24 months following the end of their public function, depending on assessed residual risk.
8. Sanctions Screening
8.1 Screening Obligation
Ognimohub is legally prohibited from conducting financial transactions with, or providing services to, individuals, entities, or jurisdictions subject to applicable financial sanctions. Ognimohub maintains a real-time, automated sanctions screening programme covering all customers, transactions, and counterparties.
8.2 Sanctions Lists Screened
Ognimohub screens against the following sanctions lists as a minimum:
United Nations Security Council (UNSC) Consolidated Sanctions List.
Office of Foreign Assets Control (OFAC) — Specially Designated Nationals (SDN) and Blocked Persons List.
European Union Consolidated Financial Sanctions List.
UK HM Treasury Office of Financial Sanctions Implementation (OFSI) Consolidated List.
Applicable national sanctions lists in all jurisdictions where Ognimohub is licensed and operates.
FATF-designated high-risk and monitored jurisdictions list.
8.3 Screening Process
All customers are screened at the point of onboarding — account activation is blocked pending a clear screening result.
All transactions are screened in real time against current sanctions lists before execution.
Sanctions lists are updated at minimum daily, and system alerts are triggered automatically upon any list update that affects existing customers.
Where a potential match is identified, the transaction or account is automatically frozen and escalated to the MLCO for review within 24 hours.
Confirmed matches result in immediate account suspension, refusal of service, and mandatory reporting to the appropriate regulatory authority in accordance with applicable law.
All screening results — including false positives and their resolution — are documented and retained for regulatory inspection.
8.4 High-Risk Jurisdictions
In addition to named sanctions targets, Ognimohub applies heightened scrutiny to transactions involving individuals, entities, or funds connected to jurisdictions identified as high-risk by FATF, the EU, or Ognimohub's internal country risk assessment. Transactions involving high-risk jurisdictions automatically trigger EDD requirements.
9. Transaction Monitoring
9.1 Overview
Ognimohub operates a continuous, real-time transaction monitoring system designed to detect patterns, behaviors, and transactions that may indicate money laundering, terrorism financing, fraud, or other financial crime. The system applies rule-based and behavioral analytics models to all transactions processed through the platform.
9.2 Monitoring Typologies and Red Flags
The transaction monitoring system is configured to detect, among others, the following suspicious patterns and red flags:
Structuring (smurfing) — multiple transactions just below reporting thresholds designed to avoid detection, conducted within a short timeframe by the same or related accounts.
Rapid movement of funds — funds received and immediately transferred out with no apparent business or personal purpose, also known as pass-through transactions.
Unusual transaction velocity — a sudden and unexplained increase in transaction frequency or volume inconsistent with the customer's established profile.
Geographic anomalies — transactions involving jurisdictions with no apparent connection to the customer's stated residence or business operations.
Round-sum transactions — frequent transactions in exact round amounts lacking apparent commercial purpose.
High-value cash-equivalent transactions — large deposits or withdrawals inconsistent with the customer's declared income or business activity.
Multiple accounts with common beneficiaries — coordinated transactions across multiple accounts sharing common recipient details suggestive of organized financial crime.
Inconsistency with customer profile — transaction patterns that are materially inconsistent with the customer's declared occupation, income level, or stated account purpose.
Repeated failed verification or authentication attempts — possible indicators of account takeover attempts.
Layering indicators — complex chains of transactions across multiple accounts, currencies, or platforms designed to obscure the origin of funds.
9.3 Alert Handling
When the transaction monitoring system generates an alert, the following process applies:
Stage | Action | Responsible Party | Timeframe |
|---|---|---|---|
Alert Generated | System automatically flags transaction or account for review. | Automated System | Real-time |
Initial Review | Compliance analyst reviews alert context, transaction history, and customer profile. | Compliance Team | Within 24 hours |
Escalation Decision | Analyst determines whether to dismiss (false positive) or escalate to MLCO. | Compliance Analyst | Within 48 hours |
MLCO Review | MLCO reviews escalated alerts, requests additional information if needed, determines SAR filing. | MLCO | Within 5 business days |
Account Action | Account restriction, freeze, or continued monitoring applied as appropriate. | MLCO / Operations | As determined |
SAR Filing | SAR/STR filed with the relevant FIU where evidence warrants. | MLCO | Within regulatory deadline |
Documentation | Full record of alert, review, decision, and outcome documented. | Compliance Team | Concurrent |
10. Transaction Limits and Controls
10.1 Purpose of Transaction Limits
Ognimohub applies tiered transaction limits calibrated to customer identity verification level, risk rating, and applicable regulatory requirements. Transaction limits serve as a key control to limit the platform's exposure to financial crime risk while enabling legitimate users to access proportionate levels of service.
10.2 Tiered Transaction Limit Framework
Account Tier | Verification Level | Daily Transaction Limit | Monthly Transaction Limit |
|---|---|---|---|
Tier 1 — Basic | Phone number + OTP only | Low (set per regulatory guidance) | Low (set per regulatory guidance) |
Tier 2 — Standard | Full KYC — government ID + biometric | Medium (set per regulatory guidance) | Medium (set per regulatory guidance) |
Tier 3 — Enhanced | Full KYC + source of funds + EDD clearance | High (set per regulatory guidance) | High (set per regulatory guidance) |
Business Account | Full corporate KYC + UBO verification | Negotiated per business profile | Negotiated per business profile |
Note: |
Specific transaction limit amounts are defined in Ognimohub's internal Fee and Limit Schedule, which is reviewed and updated in line with regulatory guidance and business risk appetite. Limits may be adjusted without notice where required by regulatory directive or where suspicious activity is detected. |
10.3 Additional Transaction Controls
Velocity controls — automated limits on the number of transactions permitted within defined timeframes to prevent structuring.
Destination controls — restrictions on transfers to high-risk jurisdictions or specific categories of counterparties.
Out-of-pattern alerts — real-time alerts generated when a transaction materially deviates from the customer's established behavioral baseline.
Manual override controls — the MLCO or senior compliance officer may impose temporary or permanent account-level restrictions overriding standard automated limits.
Cooling-off periods — mandatory delays applied to high-value or first-time large transactions to allow for additional verification.
11. Suspicious Activity Reporting (SAR / STR)
11.1 Obligation to Report
Ognimohub, its MLCO, and all relevant staff have a legal obligation to file a Suspicious Activity Report (SAR) or Suspicious Transaction Report (STR) with the relevant Financial Intelligence Unit (FIU) whenever there is knowledge, suspicion, or reasonable grounds to suspect that a transaction or activity involves the proceeds of crime, terrorism financing, or any other predicate financial crime.
The threshold for filing a SAR is suspicion — not proof. Ognimohub does not need to establish that a crime has been committed before filing a report. The FIU is responsible for investigating and acting on the intelligence provided.
11.2 Internal Suspicious Activity Reporting
All staff who identify or suspect suspicious activity must:
Document the suspicious activity or transaction in detail using the internal SAR reporting form, including the nature of the suspicion, relevant transaction details, and customer information.
Submit the internal SAR report to the MLCO promptly and without delay — delays in reporting may constitute a regulatory breach.
Not take any action on the account (including rejecting a transaction) without first consulting the MLCO, to avoid tipping off the customer.
Not discuss the SAR with any unauthorized colleague, manager, or third party.
11.3 MLCO Decision and External Filing
Upon receipt of an internal SAR, the MLCO will:
Review all available information and conduct further investigation as required.
Decide whether to file an external SAR/STR with the relevant FIU within the timeframe required by applicable law.
Provide consent to proceed with, or direct the refusal of, any pending transaction pending investigation.
Document the decision — including the rationale for filing or not filing — in the compliance records.
Notify the Board or relevant senior management of material SAR filings in the periodic compliance report.
11.4 Tipping Off Prohibition
TIPPING OFF — CRIMINAL OFFENCE |
It is a criminal offence to disclose to any person — directly or indirectly — that a SAR has been filed or that an AML/CFT investigation is underway, if such disclosure could prejudice the investigation. This prohibition applies to all Ognimohub staff at all levels. Breach of the tipping-off prohibition may result in criminal prosecution, unlimited fines, and imprisonment. If you are uncertain whether any communication with a customer could constitute tipping off, you must consult the MLCO immediately before proceeding. |
12. Record Keeping and Retention
12.1 Record Keeping Obligations
Ognimohub is legally required to maintain comprehensive, accurate, and accessible records of all KYC documentation, transaction data, due diligence activities, and AML/CFT compliance activities. These records must be of sufficient quality to reconstitute individual transactions and demonstrate the basis for compliance decisions to regulatory authorities.
12.2 Retention Schedule
Record Type | Minimum Retention Period | Basis |
|---|---|---|
KYC and identity verification documents | 5 years after end of business relationship | AML / Regulatory obligation |
Beneficial ownership records | 5 years after end of business relationship | AML / Regulatory obligation |
Transaction records (all MFS transactions) | 5–7 years from transaction date | AML / Tax / Audit obligation |
Suspicious Activity Reports (SARs/STRs) | 5 years from date of filing | Regulatory / Legal obligation |
Transaction monitoring alerts and decisions | 5 years from date of alert | Regulatory / Audit obligation |
EDD files and senior management approvals | 5 years after end of business relationship | Regulatory / Internal audit |
Staff training records (AML/CFT) | 5 years from date of training | Regulatory / Internal compliance |
Sanctions screening records and outcomes | 5 years from date of screening | Regulatory / Legal obligation |
Correspondence with regulators and FIU | Indefinitely or as directed by authority | Legal obligation |
Internal SAR reports (non-filed) | 5 years from date of report | Regulatory / Internal compliance |
12.3 Access and Security of Records
All KYC, transaction, and AML records are stored in secure, access-controlled systems with audit trail logging of all access events.
Records must be retrievable and made available to regulatory authorities, law enforcement, or the FIU upon lawful request within the timeframe stipulated.
Records shall be stored in formats that preserve their integrity and authenticity for the full retention period.
Physical destruction or digital deletion of AML-related records before the end of the mandatory retention period is strictly prohibited.
13. Risk-Based Approach and Customer Risk Rating
13.1 Risk-Based Approach
Ognimohub applies a documented risk-based approach (RBA) to AML/CFT compliance, as required by FATF Recommendations. The RBA means that the level of due diligence, monitoring, and controls applied to each customer and transaction is proportionate to the assessed level of financial crime risk presented.
13.2 Customer Risk Rating Methodology
Each customer is assigned an AML risk rating at onboarding and reviewed on an ongoing basis. The risk rating is determined by a combination of the following risk factors:
Risk Factor | Low Risk Indicators | High Risk Indicators |
|---|---|---|
Geographic Risk | Resident in low-risk, well-regulated jurisdiction | Resident in FATF high-risk or monitored jurisdiction |
Customer Type | Private individual with clear, verifiable identity | PEP, complex corporate structure, shell company |
Product / Service | Low-value, low-complexity transactions | High-value transactions, international transfers, complex products |
Transaction Behavior | Consistent with stated profile and income | Inconsistent with profile; unusual patterns; structuring indicators |
Business Sector | Employed in low-risk sector | Cash-intensive business, VASP, precious metals, real estate |
Adverse Information | No negative news, no prior SAR | Adverse media, prior SAR, regulatory action history |
Source of Funds | Clear, documented, verifiable | Unclear, unverifiable, or inconsistent |
13.3 Risk Rating Outcomes
Risk Rating | Due Diligence Level Applied |
|---|---|
Low Risk | Standard CDD. Periodic review every 3 years. Standard transaction monitoring thresholds. |
Medium Risk | Standard CDD with additional verification elements. Periodic review every 2 years. Enhanced monitoring sensitivity. |
High Risk | Enhanced Due Diligence (EDD). Annual review. Senior management approval required. Close transaction monitoring. |
Unacceptable Risk | Onboarding declined or existing relationship exited. SAR filing considered. Regulatory notification where required. |
14. Staff Training and Awareness
14.1 Training Obligations
Ognimohub is legally required to ensure that all relevant staff receive adequate, ongoing AML/CFT training. Training is a core component of our compliance programme and is mandatory for all employees and agents with any role in customer-facing, financial operations, or compliance functions.
14.2 Training Programme
Induction training — all new employees in relevant roles must complete AML/CFT induction training before performing any customer-facing or financial operations duties.
Annual refresher training — all relevant staff must complete annual AML/CFT refresher training covering updates to regulation, policy, and emerging financial crime typologies.
Role-specific training — employees in compliance, operations, and senior management receive advanced, role-specific AML/CFT training proportionate to their responsibilities.
Triggered training — additional training is provided following material regulatory changes, significant internal compliance incidents, or new financial crime typologies identified in Ognimohub's operating environment.
14.3 Training Records
The MLCO maintains a record of all AML/CFT training completed by each employee, including the date, content, and assessment results where applicable. Training completion rates are included in the MLCO's periodic compliance report to senior management. Failure to complete mandatory training within required timeframes will be escalated as a disciplinary matter.
15. Third-Party Reliance and Outsourcing
15.1 Reliance on Third Parties for CDD
Where permitted by applicable regulation, Ognimohub may rely on the CDD conducted by third-party introducers, agents, or service providers — such as regulated financial institutions or licensed identity verification providers. However:
Ognimohub retains full legal responsibility for the adequacy of CDD performed, even where it relies on a third party.
All third parties relied upon must be subject to equivalent AML/CFT regulatory requirements and must provide documentation confirming the CDD performed upon request.
Third-party reliance must be documented, approved by the MLCO, and subject to periodic assessment.
In high-risk situations and EDD cases, direct CDD by Ognimohub is required and third-party reliance is not permitted.
15.2 AML/CFT Outsourcing Controls
Where AML/CFT-related functions are outsourced to third-party technology providers or service bureaux (e.g. screening tools, transaction monitoring systems), Ognimohub ensures that:
All outsourced providers are subject to formal due diligence and contractual AML/CFT obligations prior to engagement.
Service level agreements include requirements for system uptime, data accuracy, timely screening list updates, and audit rights.
Outsourcing of compliance functions does not transfer or diminish Ognimohub's regulatory accountability.
Performance of outsourced AML/CFT tools and providers is reviewed at least annually by the MLCO.
16. Policy Review and Audit
16.1 Annual Review
This Policy is reviewed at least annually by the MLCO and approved by senior management and the Board. Reviews are also triggered by material changes in applicable law or regulation, significant changes to Ognimohub's business model or product suite, material compliance incidents, or recommendations from internal or external auditors.
16.2 Internal Audit
Ognimohub's internal audit function conducts periodic, independent assessments of the effectiveness of the AML/CFT compliance programme, including compliance with this Policy, the adequacy of transaction monitoring systems, the quality of KYC records, SAR filing timeliness, and staff training completion rates. Audit findings are reported to senior management and the Board, with a defined remediation timeline for any identified deficiencies.
16.3 Regulatory Examination
Ognimohub cooperates fully with all regulatory examinations, inspections, and audits of its AML/CFT programme. The MLCO is the primary point of contact for regulatory examiners and is responsible for coordinating document production, staff interviews, and remediation of examination findings within agreed timeframes.
17. Escalation and Contact
All AML/CFT concerns, suspected suspicious activities, and policy-related questions must be directed to Ognimohub's Money Laundering Compliance Officer (MLCO) as the first point of escalation. External enquiries from regulators, law enforcement, and financial intelligence units should also be directed to the MLCO.
Ognimohub MFS — Money Laundering Compliance Officer (MLCO) |
Website: ognimohub.com |
Contact Form: ognimohub.com/contact |
Support Ticket: ognimohub.com/ticket |
Email: support@ognimohub.com |
WhatsApp: wa.me/ognimohub |
REMINDER: TIPPING OFF IS A CRIMINAL OFFENCE |
Under no circumstances should a customer, third party, or unauthorized colleague be informed that a SAR has been filed or that their account or transactions are under AML/CFT investigation. If in doubt, consult the MLCO before taking any action. |
Ognimohub MFS | Transaction, KYC & AML Policy | Version 2.0 | Effective May 12, 2026