image

KYC & AML Policy

OGNIMOHUB

Anti-Money Laundering (AML) & Know Your Customer (KYC) Policy

Effective Date: January 1, 2026

Pioneer House, Kenyatta Avenue, Nairobi, Kenya  |  support@ognimohub.com  |  +254 745 497444



1. Introduction and Policy Statement

Ognimohub is committed to preventing its services from being used for money laundering, terrorist financing, fraud, or any other illicit financial activities. This Anti-Money Laundering (AML) and Know Your Customer (KYC) Policy outlines the framework, procedures, and controls implemented by Ognimohub to detect, prevent, and report such activities, ensuring compliance with all applicable laws and regulations in the jurisdictions where Ognimohub operates. This policy applies to all Ognimohub employees, agents, contractors, and services, including the Website, User App, Agent App, and Merchant App.

Money laundering is the process of concealing the origins of illegally obtained money, typically by means of transfers involving foreign banks or legitimate businesses. Terrorist financing involves providing financial support to terrorists or terrorist organizations. Both pose significant threats to the integrity of the global financial system and national security. Ognimohub recognizes its critical role in combating these threats and is dedicated to maintaining the highest standards of compliance.

Our Commitment

Ognimohub is dedicated to:

  • Adhering to all relevant AML/KYC laws, regulations, and guidelines, including those issued by financial intelligence units (FIUs) and regulatory bodies.

  • Implementing robust internal controls and procedures to mitigate the risks of money laundering and terrorist financing.

  • Conducting thorough customer due diligence (CDD) and enhanced due diligence (EDD) where appropriate.

  • Monitoring transactions for suspicious activities and reporting them to the relevant authorities.

  • Providing ongoing training to all relevant personnel on AML/KYC policies and procedures.

  • Cooperating fully with law enforcement and regulatory agencies.


2. Regulatory Framework and Scope

Ognimohub operates within a complex global regulatory landscape. This policy is designed to align with international standards and best practices, including recommendations from the Financial Action Task Force (FATF), and to be adaptable to specific national laws and regulations.

2.1. Applicable Laws and Regulations

Ognimohub acknowledges and commits to complying with, but not limited to, the following types of regulations in its operational jurisdictions:

  • Anti-Money Laundering (AML) Acts: National laws that criminalize money laundering and establish reporting obligations for financial institutions.

  • Counter-Terrorist Financing (CTF) Laws: Legislation aimed at preventing the financing of terrorist activities.

  • Know Your Customer (KYC) Regulations: Rules requiring financial institutions to verify the identity of their customers.

  • Data Protection and Privacy Laws: Regulations governing the collection, storage, and processing of personal data, such as the General Data Protection Regulation (GDPR) and similar national laws.

  • Sanctions Regimes: Regulations imposing restrictions on financial transactions with certain individuals, entities, or countries including OFAC sanctions, UN sanctions, etc.

  • Payment Services Directives (PSD2) or similar payment regulations: Regulations governing payment services and electronic money.

Specific Jurisdictional Compliance: In Kenya, Ognimohub complies with the Proceeds of Crime and Anti-Money Laundering Act (POCAMLA) and its associated regulations, as well as guidelines issued by the Central Bank of Kenya (CBK) and the Financial Reporting Centre (FRC).

2.2. Scope of Application

This policy applies to:

  • All Ognimohub services and products: Including but not limited to mobile financial services, payment processing, money transfers, virtual card management, microfinance, and investment features.

  • All Ognimohub customers: Including individual users, agents, and merchants.

  • All Ognimohub employees, agents, and contractors: Who are involved in customer onboarding, transaction processing, or any other activity that may expose Ognimohub to AML/CTF risks.

  • All Ognimohub systems and platforms: Including the Website, User App, Agent App, Merchant App, and any underlying infrastructure.


3. Risk-Based Approach (RBA)

Ognimohub adopts a risk-based approach (RBA) to AML/KYC, which allows for the allocation of resources in a manner commensurate with the identified risks. This means that the intensity of CDD measures will vary depending on the level of risk associated with a particular customer, product, service, or geographic location.

3.1. Risk Assessment

Ognimohub will conduct regular and comprehensive risk assessments to identify, evaluate, and understand its money laundering and terrorist financing risks. This assessment will consider:

  • Customer Risk: Factors such as the customer's identity, occupation, source of funds/wealth, and geographic location.

  • Product/Service Risk: The inherent risk associated with Ognimohub's offerings (e.g., high-value transactions, cross-border payments).

  • Geographic Risk: The risk associated with countries or regions identified as high-risk by credible sources.

  • Delivery Channel Risk: The risk associated with how services are delivered (e.g., online-only, agent network).

3.2. Risk Categorization

  • Low Risk: Requires standard CDD procedures.

  • Medium Risk: May require additional CDD measures or more frequent monitoring.

  • High Risk: Requires Enhanced Due Diligence (EDD) and continuous, intensified monitoring.


4. Customer Due Diligence (CDD)

Customer Due Diligence is a cornerstone of Ognimohub's AML/KYC framework. It involves identifying and verifying the identity of customers and understanding the nature and purpose of their business relationship with Ognimohub.

4.1. Identity Verification Requirements

4.1.1. Individual Users

  • Full legal name, date of birth, nationality, and residential address.

  • Valid government-issued identification document (national ID, passport, or driver's license).

  • Verified phone number (via SMS/call) and email address.

  • Selfie/liveness check for enhanced verification and fraud prevention.

4.1.2. Agents

  • All individual user requirements for the agent's principal.

  • Business name, registration documents, business address, and proof of agent status.

  • Bank account details and beneficial ownership information.

4.1.3. Merchants

  • Legal entity name, business registration documents, and registered/operational addresses.

  • Tax Identification Number (TIN), bank account details, and nature of business.

  • Beneficial ownership information and identification of directors/senior management.

4.2. Verification Procedures

  • Documentary Verification: Checking official documents for authenticity, tampering, and expiry.

  • Non-Documentary Verification: Cross-referencing public databases and credit bureaus.

  • Biometric Verification: Facial recognition and liveness detection for individual users.

  • Proof of Address: Utility bills, bank statements, or government-issued documents.

4.3. Ongoing Due Diligence

CDD is not a one-time event. Ognimohub conducts ongoing due diligence through regular reviews, event-driven reviews triggered by changes in customer behaviour, and monitoring for changes in beneficial ownership or business activities.


5. Enhanced Due Diligence (EDD)

5.1. Triggers for EDD

  • Politically Exposed Persons (PEPs) and their family members or close associates.

  • High-Risk Jurisdictions identified by FATF or other credible sources.

  • Unusual or complex transactions with no clear economic or lawful purpose.

  • High-value transactions exceeding predefined thresholds.

  • Negative media information or adverse public search results.

  • Customers with opaque ownership structures.

5.2. EDD Measures

  • Obtaining additional identification from multiple independent sources.

  • Requiring detailed documentation of source of funds or wealth.

  • Requiring senior management approval for high-risk customer relationships.

  • Conducting on-site visits for high-risk corporate customers or agents.

  • Enhanced background checks including sanctions, PEP, and adverse media screening.


6. Transaction Monitoring

6.1. Automated Monitoring Systems

Ognimohub utilizes automated transaction monitoring systems capable of real-time and post-transaction analysis, rule-based scenarios, behavioural analytics, and threshold-based alerting.

6.2. Manual Review and Investigation

Alerts generated by the automated system are subject to manual review by trained AML officers, including gathering additional information, analyzing transaction patterns, and documenting findings.

6.3. Red Flags

  • Sudden increase in transaction volume or value, or frequent transactions just below reporting thresholds.

  • Transactions involving high-risk jurisdictions without a clear business rationale.

  • Reluctance to provide information, false or misleading information, or unusual urgency.

  • Structuring: Breaking down large transactions into smaller ones to avoid detection.

  • Transactions with no apparent economic or legitimate purpose.


7. Suspicious Activity Reporting (SAR) / Suspicious Transaction Reporting (STR)

7.1. Reporting Procedures

  • Internal Reporting: Any employee who identifies suspicious activity must immediately report to the MLRO.

  • MLRO Investigation: The MLRO conducts a thorough investigation and gathers all relevant documentation.

  • External Reporting: If suspicion is formed, the MLRO files an SAR/STR with the FIU within the legally mandated timeframe.

  • No Tipping Off: Ognimohub strictly prohibits informing the customer or any third party that an SAR/STR has been filed.

7.2. Record Keeping

All internal reports, investigations, and SAR/STR filings will be retained for a minimum period as required by applicable regulations (typically 5–7 years).


8. Sanctions Screening

8.1. Screening Process

  • All customers are screened against OFAC SDN, UN Security Council, EU Consolidated, and national sanctions lists.

  • Transactions, particularly cross-border payments, are screened in real-time or batch mode.

  • A process is in place to investigate and resolve false positive matches.

8.2. Actions on Sanctions Matches

  • Immediate freezing of the account or transaction.

  • Reporting to the relevant regulatory authorities without delay.

  • Immediate escalation to the MLRO, senior management, and legal counsel.


9. Data Management and Record Keeping

9.1. Data Collected

Ognimohub collects financial information, personal information, messages (optional), app performance data, photos (optional), and contacts (optional) as detailed in the Ognimohub data policy, for purposes of app functionality, fraud prevention, security, compliance, and account management.

9.2. Record Retention

All records are retained for a minimum period of five (5) years from the date the business relationship ends or from the date of the transaction, or longer if required by specific jurisdictional laws.

9.3. Data Security and Privacy

  • Encryption: Data is encrypted in transit over secure connections.

  • Access Control: Access to AML/KYC data is strictly limited to authorized personnel on a need-to-know basis.

  • Data Deletion: A mechanism is provided for users to request data deletion, subject to legal retention obligations.

  • No Data Sharing: Ognimohub does not share user data with third parties, except as required by law or regulatory obligations.


10. Internal Controls and Governance

10.1. Money Laundering Reporting Officer (MLRO)

Ognimohub appoints a qualified MLRO with sufficient authority to oversee implementation and enforcement of this policy. Responsibilities include developing and maintaining the policy, investigating internal reports, filing SARs/STRs, acting as the primary contact for regulatory authorities, and overseeing training programs.

10.2. Senior Management Oversight

Senior management and the board of directors approve the AML/KYC policy, provide adequate resources, receive regular MLRO reports, and foster a strong culture of compliance.

10.3. Internal Audit

An independent internal audit function periodically reviews and tests the effectiveness of the AML/KYC programme, identifies weaknesses, recommends corrective actions, and reports directly to senior management and the board.


11. Training and Awareness

11.1. Training Program

The training programme covers: the importance of AML/KYC, Ognimohub's policies and procedures, customer due diligence, transaction monitoring and red flags, reporting procedures and the no-tipping-off rule, sanctions compliance, data protection, and regulatory updates.

11.2. Frequency of Training

  • Initial Training: Upon joining Ognimohub.

  • Annual Refresher Training: For all relevant personnel.

  • Ad-hoc Training: When there are significant regulatory changes or identified risks.


12. Technology and Systems

12.1. Integrated Solutions

Ognimohub's platform integrates with specialized AML/KYC technology solutions for identity verification (IDV), sanctions and PEP screening, transaction monitoring systems, and case management for alerts and SAR/STR filings.

12.2. API Integrations

All third-party API integrations are subject to due diligence to ensure compliance with Ognimohub's AML/KYC standards and applicable regulatory requirements.


13. Compliance with Platform Requirements

13.1. Data Privacy and Security

Ognimohub's commitment to no data sharing with third parties and encryption in transit directly addresses key platform requirements. All data collection practices are transparently communicated through in-app privacy policies.

13.2. Financial Services Compliance

Ognimohub holds all necessary licenses and approvals to offer financial services in its operating jurisdictions. All financial services are clearly disclosed to users along with applicable terms and conditions.

13.3. User Experience and Trust

A strong AML/KYC framework contributes to a secure and trustworthy user experience, protecting users and maintaining the integrity of Ognimohub's services.


14. Policy Review and Updates

This AML/KYC Policy will be reviewed at least annually by the MLRO and senior management to ensure its continued effectiveness, relevance, and compliance with evolving legal and regulatory requirements, as well as changes in Ognimohub's business operations or risk profile. Any updates will be approved by senior management and communicated to all relevant personnel.


15. Contact Information

For any questions regarding this AML/KYC Policy or to report suspicious activities, please contact:

  • Address: PR89+2WP, Pioneer House, Kenyatta Avenue, Nairobi, Kenya

  • Email: support@ognimohub.com

  • Phone: +254 745 497444


16. Investment Products — AML Controls and Withdrawal Policy

Ognimohub offers a range of investment products to its users. Given the inherent volatility of foreign exchange rates and the corresponding risk of value fluctuations over time, specific AML-aligned rules govern the withdrawal of investment proceeds. These rules are designed to protect users, maintain financial integrity, and prevent the exploitation of investment modules for layering or structuring illicit funds.

16.1. Investment Types

Ognimohub currently provides the following investment products:

  • Hourly Investments: Short-duration investment cycles settled within the same hour.

  • Daily Investments: Investment cycles settled at the end of each calendar day.

  • Weekly Investments: Investment cycles spanning seven (7) calendar days.

  • Monthly Investments: Investment cycles spanning thirty (30) calendar days.

  • Quarterly/Long-Term Investments: Investment cycles spanning periods exceeding thirty (30) days.

16.2. Withdrawal Restrictions for Investment Proceeds

Due to foreign exchange rate fluctuations and their material impact on the final value of investment returns, the following withdrawal rules apply:

16.2.1. Hourly and Daily Investments

Proceeds from Hourly and Daily investment products may be withdrawn or transferred upon the successful completion and settlement of the respective cycle. These short-duration products are settled quickly, and withdrawal is permitted immediately once the investment cycle concludes.

16.2.2. Weekly, Monthly, and Long-Term Investments

All investment proceeds from Weekly, Monthly, Quarterly, or any other investment product with a duration exceeding twenty-four (24) hours are subject to the following restriction:

  • Proceeds — including both the principal and any earned returns — may ONLY be withdrawn after the investment cycle has fully matured and officially ended.

  • Partial withdrawals or early redemptions from these investment products are NOT permitted while the investment is active.

  • This restriction applies to all withdrawal and transfer mechanisms, including but not limited to: cashouts, bank transfers, mobile money transfers, and peer-to-peer transfers of investment proceeds.

Rationale: Foreign exchange rates fluctuate continuously. Allowing mid-cycle withdrawals would expose Ognimohub and its users to unpredictable losses and could be exploited to manipulate realized gains or obscure the true origin of funds — both of which are red flags under AML frameworks. By locking investment proceeds until cycle completion, Ognimohub ensures settlement integrity, accurate reporting, and compliance with financial regulations.

16.3. AML Monitoring of Investment Activity

All investment activities are subject to Ognimohub's standard transaction monitoring framework. In addition, the following AML-specific controls apply to investment modules:

  • Source of Funds Verification: Users funding investment products above defined thresholds will be required to provide documentation verifying the legitimate source of funds used.

  • Unusual Investment Patterns: Sudden or repeated large investments, particularly those immediately followed by maximum withdrawals at cycle end, will be flagged for review by the MLRO.

  • Layering Detection: Rapid movement of funds through multiple investment cycles without a clear economic rationale will be treated as a potential red flag and may trigger Enhanced Due Diligence (EDD).

  • Sanctions Screening: All investment transactions are screened against applicable sanctions lists prior to processing.

16.4. Investment Proceeds and Tax Obligations

Ognimohub may be required, in certain jurisdictions, to report investment returns to tax authorities. Users are responsible for fulfilling their own tax obligations on investment proceeds. Ognimohub will cooperate with lawful requests from tax authorities in accordance with applicable regulations.


17. Multiple Account Policy — Identity Integrity and Module Access Controls

Ognimohub recognizes that some users may create or hold more than one account on its platform. To maintain the integrity of its financial services, prevent the circumvention of AML/KYC controls, and ensure fair use of all platform modules, the following policy governs accounts held by the same individual or entity.

17.1. Detection of Multiple Accounts

Ognimohub employs automated and manual methods to identify instances where multiple accounts may be associated with the same user. These methods include, but are not limited to:

  • Matching of biometric data (facial recognition / liveness checks).

  • Cross-referencing national identification numbers, passport numbers, or other government-issued ID data.

  • Phone number and email address linkage analysis.

  • Device fingerprinting and IP address correlation.

  • Behavioral analytics indicating common usage patterns across accounts.

17.2. Primary Account Designation

Where multiple accounts are identified as belonging to the same individual or entity, the account created first — determined by the earliest verified registration timestamp in Ognimohub's systems — shall be designated as the Primary Account.

The Primary Account is the sole account eligible for the following financial modules:

  • Cashout / Withdrawal to Mobile Money: Only the Primary Account may initiate cashout requests to registered mobile money wallets.

  • Bank Transfer: Only the Primary Account may initiate direct bank transfers to registered bank accounts.

This designation is applied automatically upon detection of multiple accounts and cannot be circumvented by the user.

17.3. Secondary Account Access

All accounts identified as Secondary Accounts — i.e., accounts created after the Primary Account by the same individual or entity — retain access to all other available platform modules and features, which include but are not limited to:

  • Sending and receiving peer-to-peer (P2P) payments within the platform.

  • Accessing investment products (subject to Section 16 of this Policy).

  • Merchant and agent transaction capabilities (where applicable and separately approved).

  • Virtual card usage.

  • Bill payments and other in-app financial services.

Secondary Accounts may NOT be used to indirectly access cashout or bank transfer functions through mechanisms such as transferring funds to a third party for the purpose of withdrawal on the account holder's behalf. Such activity constitutes a violation of this policy and may trigger an AML investigation.

17.4. AML Rationale for Multiple Account Restrictions

The restriction of cashout and bank transfer modules to the Primary Account is grounded in the following AML principles:

  • Prevention of Structuring: Limiting withdrawal channels to a single verified account reduces the risk of users splitting funds across multiple accounts to avoid transaction monitoring thresholds.

  • Identity Integrity: Ensuring that all withdrawals are linked to a single, fully verified identity prevents the use of secondary, potentially under-verified accounts to move illicit funds.

  • Audit Trail Clarity: Concentrating financial outflows through one verified account simplifies transaction monitoring, regulatory reporting, and any investigations by the MLRO or law enforcement.

  • Prevention of Layering: Multiple accounts can be used as a layering mechanism in money laundering schemes. Restricting high-risk modules to the Primary Account significantly reduces this exposure.

17.5. Notification and Appeals

When multiple accounts are detected, Ognimohub will:

  • Notify the user via their registered email or in-app notification that multiple accounts have been detected and that module restrictions have been applied.

  • Identify which account has been designated as the Primary Account.

  • Provide the user with an opportunity to appeal the designation if they believe the classification is incorrect, by contacting Ognimohub's support team with supporting documentation.

Appeals will be reviewed by the Compliance team within ten (10) business days. The outcome of the appeal will be communicated to the user. Ognimohub reserves the right to make a final determination on account designation.

17.6. Prohibited Use of Multiple Accounts

Users are expressly prohibited from:

  • Creating multiple accounts with the intent to circumvent AML/KYC controls, transaction limits, or withdrawal restrictions.

  • Using secondary accounts to aggregate funds for withdrawal via the primary account.

  • Providing false identity information on any account to avoid linkage with other accounts.

Violation of this section may result in the suspension or permanent closure of all accounts held by the user, reporting to the relevant Financial Intelligence Unit (FIU), and where applicable, referral to law enforcement authorities.



This document constitutes the official AML/KYC Policy of Ognimohub.

Last Reviewed: April 2026  |  Next Scheduled Review: January 2027

Approved by Senior Management & Board of Directors


This site uses cookies

We may utilize cookies when you access our website, including any related media platforms or mobile applications. These technologies are employed to enhance site functionality and optimize your interactions with our services.

View More