15. Program for managing the risks of legalization (laundering) of proceeds from crime and financing of terrorism.
15.1. It is necessary to assess on an annual basis the degree of exposure of the services provided to the following types of risks of legalization (laundering) of proceeds from crime and financing of terrorism, including, but not limited to:
a) Risk by type of clients
b) Country (geographical) risk
c) Risk of the service and/or method of its provision
15.2. Key types of clients whose status and/or whose activities increase the risk of legalization (laundering) of proceeds from crime and terrorist financing include:
a) Foreigners, including foreign public officials, their close relatives and representatives;
b) Foreign financial institutions.
c) Legal entities and individual entrepreneurs, whose activities are related to the intensive cash turnover, including:
i. Organizers of the gambling business, as well as persons providing services or receiving income from the activities of online casinos outside the Kyrgyz Republic;
ii. Persons providing tourist services, as well as other services related to intensive cash turnover;
d) Insurance (reinsurance) organizations, insurance brokers operating in the life insurance sector (except for subsidiaries of the bank that comply with requirements for combating legalization (laundering) of proceeds from crime and financing of terrorism established by the bank);
e) Persons operating as insurance agents;
f) Persons carrying out intermediary activities in the purchase and sale of real estate;
g) Non-profit organizations, in the organizational and legal form of funds, religious associations;
h) Persons located (registered) in foreign states specified in paragraph 15 of the Requirements, as well as branches and representative offices of such persons located in the Kyrgyz Republic.
15.3. It is necessary to assess the country (geographical) risk associated with the provision of services to clients in their foreign countries. Foreign countries, transactions with which increase the risk of legalization (laundering) of proceeds from crime and terrorist financing are:
a. Foreign countries (territories) included in the list of countries (territories) that do not comply or insufficiently comply with the recommendations of the Financial Action Task Force on Money Laundering (FATF), compiled by the authorized body for financial monitoring;
b. Foreign countries (territories) against which international sanctions (embargoes) adopted by resolutions of the United Nations Security Council are applied;
c. Foreign countries (territories) included in the list of offshore zones for the purposes of the Law on the combating legalization (laundering) of proceeds from crime and financing of terrorism;
d. Foreign countries (territories) determined by the organization as posing a high risk of legalization (laundering) of proceeds from crime and terrorist financing based on other factors (information on the level of corruption, illegal production, trafficking and/or transit of drugs, information on support for international terrorism, etc.).
15.4. The following are the services, the provision of which is subject to a high risk of legalization (laundering) of proceeds from crime and terrorist financing:
a. Remote customer service, including servicing via electronic terminals;
b. Services for the sale (distribution) of electronic money and payment cards;
c. Services for the acceptance and processing of payments made using electronic money in excess of an amount equal to one hundred times the monthly calculation indicator established for the relevant financial year by the law on the republican budget;
d. Services for the processing of payments initiated by the client in electronic form, and the transfer of the necessary information to the bank, an organization carrying out certain types of banking operations, for making a payment and/or transferring or accepting money for these payments.
15.5. It is necessary to establish the risk level of the client (group of clients) based on the results of the analysis of information about the client (clients) obtained as part of the procedures for identifying and monitoring client transactions, and assess it according to a risk level determination scale, which consists of three levels: low, medium and high.

16. Customer Identification Program
16.1. In order to carry out activities to record and verify the accuracy of information about the client (his representative), identify the beneficial owner and record information about him, establish and record the intended purpose of business relations or a one-time operation (transaction), it is necessary to identify clients and their beneficial owners.
16.2. The extent of the activities carried out, the depth and detail of identification depend on the client's risk level.
16.3. In the process of identifying the client (identifying the beneficial owner), it is necessary to check for the presence of such client (beneficiary owner) in the list of persons and organizations associated with the financing of terrorism and extremism, obtained in accordance with the Law on combating legalization (laundering) of proceeds from crime and financing of terrorism (hereinafter referred to as the List).

17. Customer Operations Monitoring and Study Program
17.1. It is necessary to regularly carry out activities to update and/or obtain additional information about clients (their representatives) and beneficial owners, as well as to study client transactions and identify threshold and suspicious transactions.
17.2. The results of monitoring and studying client transactions must be used to annually assess the degree of exposure of the organization's services to the risks of legalization (laundering) of proceeds from crime and terrorist financing, as well as to review client risk levels.
17.3. The program for monitoring and studying client transactions includes:
a. A list of signs of unusual and suspicious transactions;
b. Distribution of responsibilities between employees to update previously received and/or to obtain additional information about the client (his representative) and beneficial owner;
c. Distribution of responsibilities between employees of the organization to identify and transfer between employees information about threshold, unusual and suspicious transactions;
d. Description of the mechanism for interaction between departments in identifying threshold, unusual and suspicious transactions;
e. The procedure, grounds and timeframe for the responsible employee to make a decision on the qualification of a client transaction;
f. The procedure for interaction between employees to make a decision to refuse to carry out a client transaction, as well as to terminate business relations with the client;
g. The procedure for interaction between divisions (employees) of the organization to identify clients and beneficial owners included in the List, as well as to immediately freeze transactions with money and/or other property of such clients;
h. The procedure for recording (including recording methods) and storing information on the results of studying unusual transactions, as well as information on threshold and suspicious transactions (including the transaction amount, transaction currency);
i. The procedure for submitting messages on threshold and suspicious transactions to the authorized body for financial monitoring;
j. The procedure for informing (if necessary) authorized bodies and officials of the organization about the identification of a threshold and suspicious transaction;
k. The procedure for adoption and a description of the measures taken in relation to the client and its transactions in the event that the client systematically and/or in significant volumes carries out unusual and/or suspicious transactions.
17.4. If doubts arise regarding the legality of classifying a transaction as a threshold transaction, as well as if an unusual or suspicious transaction is identified, the employee who identified the said transaction is obliged to send a message about such transaction to the Responsible Employee in the manner, form and within the timeframes established by the internal documents of the organization.

18. Program for training and education of employees on issues of combating legalization (laundering) of proceeds from crime and financing of terrorism
18.1. On a regular basis, with the frequency established by the applicable legislation of the Kyrgyz Republic, it is necessary to conduct a program of training and education of employees on issues of combating legalization (laundering) of proceeds from crime and financing of terrorism in order to ensure that the knowledge and skills of the company's employees correspond to the required level.

19. Rights, obligations and responsibilities of participants of the Payment System
19.1. Rights and obligations of the System Operator (hereinafter referred to as the Operator) when interacting with Merchants:
19.1.1. The Operator is entitled to:
• The Operator, on behalf of and at the expense of the Merchant, may accept payments from Payers using payment cards, electronic wallets and electronic money, including using MPA, cash and non-cash funds, and undertakes to transfer the accepted payment to the Merchant (or make settlements in another legal manner) in the manner prescribed by these Rules, in turn, the Merchant undertakes to pay the Operator a fee in the manner prescribed by these Rules. The amount of the fee is determined by the Agreement/or the Questionnaire for connection;
• The Operator may accept payments personally or entrust the acceptance of payments to third parties - Agents of the Operator;
• The Operator and/or Agents of the Operator may accept (receive) payments from Payers in any manner not prohibited by law (cash, non-cash funds); as well as through other payment systems and instruments not prohibited by the legislation of the Kyrgyz Republic);
19.1.2. Responsibilities of the Operator:
• Register the Merchant in its electronic database and assign it the corresponding ID;
• Ensure the transfer of Payments accepted by the Operator and/or the Operator's Agents in the order of execution of the Offer Agreement/Questionnaire for connection to the System, accepted by the Operator and/or the Operator's Agents of Payments, on the terms and within the timeframes stipulated by the Offer Agreement/Questionnaire for connection to the System. In this case, the Operator's obligations to transfer to the Merchant the payments accepted in his favor are considered fulfilled from the moment the corresponding amount of funds is written off from the Operator's bank account;
• The Operator and the Supplier sign the Reconciliation Statement for the reporting period. The procedure and timeframe for providing the Act, reviewing the Statement and signing it are determined by the Offer Agreement/Questionnaire for connection to the System signed with the Merchant;
19.2. Rights and obligations of the Supplier of goods/services.
19.2.1. The Merchant is obliged to:
• For the purposes of registering the Supplier of goods/services in the Operator's electronic database and the proper execution of payments, as well as for the purposes of interaction between the parties in the execution of the Agreement with the Merchant, submit information to the Operator and provide them with the documents stipulated by paragraphs 4.2.3. - 4.2.4 hereof;
• Notify the Operator of changes in the Payment parameters that may affect the identification of the Payer and, in general, the correctness of the Payment;
• In the event of an erroneous transfer by the Operator in favor of the Merchant of funds transferred by the Operator in the course of fulfilling the Operator's obligations to the Merchant, which arose as a result of any technical error, return to the Operator, upon his written application, the erroneously transferred funds within three (3) banking days from the date of receipt of the relevant request;
• In case of an erroneous payment due to the fault (including careless) of the Payer (incorrect indication of the personal account number, incorrect indication of the payment amount, incorrect indication of the telephone number, etc.), upon written application of the Operator, return to the Operator the erroneously transferred funds, or change the payment parameters, if such return and such change of payment parameters are possible and available;
• Agree on the monthly Reconciliation Statement for the relevant reporting month by signing it. The procedure and term for receiving the monthly Statement is determined by the Offer Agreement/Questionnaire for connection with the Merchant;
• Pay the Operator remuneration in the manner and amount established in the Offer Agreement/Questionnaire for connection with the Merchant;
19.2.3. Rights of the Merchant of goods/services:
• Require from the Operator timely fulfillment of financial obligations incurred by the Operator for acceptance of Merchant Payments by the Operator and/or its Agents;
• Require the Operator to properly fulfill the obligations stipulated by these Rules and the Offer Agreement/Questionnaire for connection with the Merchant;
19.3. Rights of the Operator
19.3.1. Require the Merchant to properly fulfill the obligations stipulated by these Rules and the Offer Agreement/Questionnaire for connection;
19.3.2. Require the Merchant to pay the remuneration due to the Operator in the manner and within the timeframes specified in the Offer Agreement/Questionnaire for connection with the Merchant for the Payments accepted by the Operator and/or the Operator's Agents;
19.3.3. In case of erroneous payments, the adjustment and cancellation (revocation) of payments shall be made in accordance with the procedures (order) stipulated by these Rules;
19.3.5. The Parties may place each other's trademarks by using their own information resources solely for the purpose of advertising the goods (works, services) of the trademark owners;
19.4. Liability of the Parties in the interaction of the Operator with the Merchant
19.4.1. The Parties shall be liable for improper fulfillment of their obligations in accordance with the provisions of these Rules, as well as the Offer Agreement/Questionnaire for connection with the Merchant, and in cases not stipulated by the Rules and the Offer Agreement/Questionnaire for connection - in accordance with the legislation of the Kyrgyz Republic;
19.4.2. In the event of a breach by the Operator of the obligations to transfer Payments to the Merchant, accepted in the order of execution of the Offer Agreement/Questionnaire for connection with the Merchant, the Operator shall pay the Merchant a penalty in the amount, manner and within the time limits specified in the Agreement with the Merchant;
19.4.3. In the event of a breach by the Merchant of the procedure for paying remuneration stipulated in the Offer Agreement/Questionnaire for connection with the Merchant and/or in its relevant appendices (amount, terms), the Merchant undertakes to pay the Operator a penalty in the amount, manner and within the time limits specified in the Offer Agreement/Questionnaire for connection;
19.4.4. In case of temporary suspension or termination of acceptance of Payments by the Operator, including in connection with termination of the Offer Agreement/Questionnaire for connection with the Merchant, the latter shall not be entitled to demand, and the Operator shall not be obliged to compensate the Merchant for any indirect damages (lost profits, lost income (profit), etc.), unless otherwise provided by the Offer Agreement/Questionnaire for connection;
19.4.5. The Operator shall not be liable for the untimely transfer of accepted Payments to the Merchant in the event of untimely notification by the Merchant of a change in its details, as well as in the event of a failure in the electronic systems of the servicing bank;
19.4.6. The Operator shall not be liable for errors made by the Payer when making a Payment;

20. Tariff Policy
20.1. The Tariff Policy reflects the general goals of the Operator, which it seeks to achieve by setting prices for the services provided.
20.2. When setting prices for goods, general economic criteria are taken into account, determining price deviations in one direction or another based on the consumer value of payment services.
20.3. These criteria can be divided into internal (depending on the management and various services of the company) and external (independent of the company itself and located outside it).
Internal criteria include:

• service quality;
• Operator's image.

External criteria are as follows:

• social significance of the service;
• availability and expansion of the payment services market;
• Participants and their requirements for the payment services market;
• regulatory framework;
• political stability of the state;
• availability and level of competition;
• other factors.

20.4. A method of determining prices is used with a focus on demand, the level of competition and the requirements of the Participants. The Operator uses a combined system of methods for determining prices simultaneously with solving the problem of developing a network of payment services, a network of points and methods of accepting payments. The structure of tariffs, commission fees and remuneration must meet the goal of achieving the level of profitability established by the Operator.
20.5. In certain cases dictated by the requirements of suppliers of services and goods (including state and budgetary companies), demand and price level for tariffs, commission fees and remuneration, with respect to services rendered by payment organizations and payment system operators of the Kyrgyz Republic, as well as decisions of the Company, the structure of tariffs, commission fees and remuneration may differ from the established level of profitability.
20.6. Before determining tariffs, commission fees and remuneration, a market analysis of demand and price level for tariffs, commission fees and remuneration rendered by payment organizations and payment system operators of the Kyrgyz Republic shall be carried out.
20.7. Notification of Participants and users about the applied tariffs, commission fees and remuneration is carried out in accordance with these Rules and the Agreement of the Participant.
20.8. The payment system operator shall provide the National Bank with information on approved and current tariffs once a year from the date of receipt of the license. The payment system operator shall, within 10 (ten) business days after changing the tariffs, notify the National Bank of all changes made to the current tariffs.

21. Description of mechanisms for managing directories of senders and recipients in order to check clients against international and national lists of persons involved in terrorist and extremist activities or the proliferation of weapons of mass destruction.
21.1. The Supplier/Agent Department conducts client due diligence in any of the following cases:
21.1.1. establishing business relationships with suppliers of goods/services, agents and counterparties;
21.1.2. if the employees of the Supplier/Agent Department and the Company's lawyer suspect that the supplier of goods/services, agent and counterparty are financing terrorism and legalizing (laundering) proceeds from crime, as well as other illegal activities.
Identification
21.2. When conducting due diligence on suppliers of goods/services, agents and counterparties, the Supplier/Agent Department identifies partners by collecting identification data. The collection of identification data is ensured by filling out and signing the Client and Beneficial Owner Questionnaire by the partner.
Verification
21.3. Verification of partners is carried out by the Manager of the Suppliers/Agents Support Department (Head of the Suppliers/Agents Support Department) by checking the identification information specified in the client's Questionnaire. The Suppliers/Agents Support Department requests the following information:
- in case of a legal entity: the name of the organization (full, abbreviated), information on the registration of the legal entity, legal address, contacts, taxpayer identification number (for residents), registration number of the Social Fund of the Kyrgyz Republic, type of activity;
- in case of an individual entrepreneur: a certificate of registration as an individual entrepreneur (along with a copy of the entrepreneur's passport), patent details (date of issue and number, authority issued the patent, patent validity period), certifying the client's status as an individual entrepreneur;
- in case of an individual - full name, identity card details (passport), place of residence, citizenship, local address, contact details).
21.4. The Supplier/Agent Department establishes the beneficial owners and information about the management bodies of subagents in cases where the subagent is a legal entity (structure and personnel).
21.5. The Supplier/Agent Department, before entering into any agreements with suppliers of goods and services, shall take all possible measures (phone call, letter, e-mail) to establish and identify the beneficial owner (beneficiary) of the supplier of goods and services. A legal dossier of suppliers of goods and services, consisting of at least the following documents shall be formed:
− a copy of the certificate of state registration (re-registration) of a legal entity with the authorized state body of the Kyrgyz Republic. For non-residents: a copy of an extract from the trade register of the country of the client's registration as a legal entity or another document confirming the client's registration as a legal entity in accordance with the requirements of the legislation of the country of origin (copies shall be certified by the seal of the legal entity and the signature of its manager);
- a copy of the constituent documents depending on the organizational and legal form of the organization, with amendments and additions thereto, certified by a notary or the seal of the legal entity and the signature of its manager;
- in cases where a legal entity carries out activities subject to mandatory licensing in accordance with the legislation of the country of origin - a copy of the license (the copy is certified by the seal of the legal entity and the signature of its manager);
- for non-residents of the Kyrgyz Republic:
- a certificate from the tax service authority on the fact of tax registration of the taxpayer;
- information about the services and goods of the supplier.
- for individual entrepreneurs:
- a certificate of registration as an individual entrepreneur;
- a patent certifying the client's status as an individual entrepreneur
21.6. If the supplier, agent, subagent or counterparty fails to provide the information and/or documents required to conduct due diligence on the client, the Head of the Supplier/Agent Department shall submit one of the following decisions to the General Director and the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime for consideration:
21.6.1. Do not establish a business relationship with the client (refuse to accept for service or open an account);
21.6.2. Suspend or terminate the established business relationship with the client (refusal to provide service) and terminate the concluded agreement with the client;
21.6.3. Do not make a payment or send funds to the recipient's bank account.
When making a decision in this case, the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime for consideration is obliged to send a corresponding message to the financial intelligence agency within one business day from the date of such decision.
21.7. The relationship between the Company and suppliers of goods and services, subagents, their responsibility, rights and obligations are reflected in the relevant agreements concluded between them after identifying the supplier of goods and services and the subagent.
21.8. When conducting due diligence on suppliers of goods/services, agents, subagents, identifying their beneficial owners, the Supplier/Agent Department checks for officials, founders and beneficiaries on the Sanctions List of the Kyrgyz Republic.
21.9. If the full names of officials, founders and beneficiaries are on the list, based on the application of the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime for consideration, the General Director makes a decision to refuse to provide any types of services and the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime for consideration immediately reports the information to the SFIS under the Government of the Kyrgyz Republic.
Payer Due Diligence
21.10. The Company ensures verification of the identification data of payers received by the Company's automated system.
21.11. When conducting an electronic money transfer, the Company:
1) generates the required information about the sender and recipient of the money transfer;
2) ensures that the required information about the sender and recipient of the money transfer are integral parts of the electronic money transfer and accompany the electronic money transfer during the payment;
3) monitors electronic money transfers and identifies electronic money transfers that do not contain information about the sender and (or) recipient, and takes appropriate measures to properly verify the client;
4) checks the sender and recipient of the money transfer for presence or absence in the Sanctions Lists;
21.12. The IT Department of the Company provides the software and hardware complex of the Company, including the interface of payment terminals, with functions for entering identification data, in cases where payments are made:
21.12.1. when making a one-time transaction (payment) or several interrelated one-time transactions in the amount equal to or exceeding 70,000 soms;
12.21. when making a one-time electronic money transfer in the amount equal to or exceeding 70,000 soms;
13.21. The Company carries out identification of the payer upon detection of payment in favor of service providers - non-residents of the Kyrgyz Republic (foreign service providers with current accounts in foreign banks and personal accounts in foreign currency), with whom the Company has concluded a direct agency agreement, by displaying on the screen of the payment device the fields for filling in the full name and passport data (TIN, date of issue and expiration, issuing authority).
In this case, the amount of the transaction (payment) performed must not exceed 60,000 soms or the equivalent in foreign currency.
If the payment amount exceeds 60,000 soms, the payment should not be made to the recipient's account. The payer must come to the Company with passport data and write an application for a refund of the remaining amount. The Company establishes the Procedure for clients to contact on controversial issues.
21.14. The IT department ensures that the System has appropriate software solutions that allow entering the payer's identification data. The IT department ensures that the System stores information on cross-border payments, including:
● identification data of the payer;
● time and place of payment;
● payment amount;
● name of the payee;
● other data.
21.15. The Company sets limits on transactions in accordance with the legislation of the Kyrgyz Republic. The limit on a one-time transaction in favor of a service provider being residents of the Kyrgyz Republic is "70,000 soms" (seventy thousand soms) (limited for all services), while one-time transaction in favor of a service provider being non-residents of the Kyrgyz Republic - no more than 60,000 soms (sixty thousand soms).
Re-identification of clients
21.16. Re-identification of clients is carried out at least once a year if the client's transactions are classified as a high degree (level) of risk, once every three years - as medium and low risk. The responsibility for re-identification is assigned to the employee responsible for the initial identification.
21.17. Re-identification of the client, his representative, establishment and identification of the beneficial owner shall not be performed if such client, his representative, beneficial owner have already been identified by the Company in accordance with the Law on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime and these Rules. Information about this client, his representative or beneficial owner shall be promptly accessible on a permanent basis.
21.18. Re-identification of the client, his representative, establishment and identification of the beneficial owner shall be performed if:
- doubts arise as to the reliability of the information previously obtained as a result of the implementation of this procedure;
- the transaction (payment) is of a confusing or unusual nature, indicating the absence of obvious economic sense or obvious legal purpose, or the performance of the said transaction (payment) gives reason to believe that the purpose of its implementation is to evade the mandatory control procedures stipulated by the Law on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime.
Procedure for maintaining client questionnaires.
21.19. The client's details and those of their beneficial owner are recorded in the relevant questionnaires, which are stored in the client's file. The questionnaire is filled in directly by the client; control over the questionnaire's completion is assigned to the employee responsible for client identification. The part of the questionnaire containing information on the risk level is checked by the responsible employee of the Company conducting the verification.
21.20. The following information must be entered into the client's questionnaire:
● information obtained as a result of client identification;
● information on the Company's client belonging to the public official category;
● information on the degree (level) of risk, including the rationale for the risk assessment;
● date of commencement of relations with the client;
● date of filling in and updating the client's questionnaire;
● reasons and date of change in the risk level;
● other information.
21.21. The client's questionnaire is filled in by the client and the Company's employee in electronic form and on paper, using technical means, and is signed by the client.
21.22. In the event of a change in the information contained in the client and/or beneficial owner questionnaire, the client is obliged to provide the Company with updated information and documents. The Company employee responsible for identifying the client enters updated information into the client questionnaire on the day of its receipt.
21.23. The client questionnaire is subject to storage in the Company for at least five years from the date of termination of relations with the client.
21.24. Risk-based approach to customer due diligence.
21.24.1. The supplier/agent department and the compliance department shall apply enhanced or simplified customer due diligence measures, using a risk-based approach, when conducting customer due diligence.
21.24.2. The Company classifies its customers based on risk criteria (high, medium and low).
21.24.3. In case of establishing a high risk, the following enhanced customer due diligence measures shall be applied:
- collecting additional identification information and documents regarding the customer from accessible and reliable sources of information, and using this information in assessing the risk associated with the customer;
- collecting additional information about the customer and the beneficial owner to thoroughly understand the risk of possible involvement of such customer and beneficial owner in criminal activity;
- requesting additional information from the customer regarding the purpose and intended nature of the business relationship, as well as the source of the customer's funds;
- verification of the sources of the client's funds used in establishing the business relationship in order to ensure that the funds are not the proceeds of crime;
- regular updating of the identification data of the client and the beneficial owner, but at least once a year;
- requesting additional information from the client explaining the reason or economic meaning of the planned or executed operations (transactions);
21.24.4. In case of establishing a medium risk, the Compliance Control Department establishes measures at its own discretion with the approval of the General Director.
21.24.5. In case of establishing a low risk, the following simplified due diligence measures are applied on a client:
- obtaining general information about the purpose and intended nature of the business relationship;
- verification of the client and the beneficial owner after establishing the business relationship;
- reducing the frequency of updating the identification data of the client and the beneficial owner;
Procedure for applying measures to high-risk countries
21.25. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall monitor the list of high-risk countries compiled and published by the financial intelligence agency and check the register of suppliers of goods/services and agents for their place of registration in high-risk jurisdictions.
21.26 The Supplier/Agent Department, when establishing business relations with clients, checks for the place of registration in high-risk jurisdictions.
21.27 In the event that the place of registration of the supplier of goods/services and agents in high-risk countries coincides, the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime makes a proposal to apply enhanced customer due diligence measures, including a request for additional information.
21.28 The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime also makes a proposal to the General Director of the Company to take the following measures:
21.28.1. reporting to the financial intelligence agency any payments with individuals or legal entities from high-risk countries (individuals or legal entities registered or operating in high-risk countries), regardless of the amount of the transaction (payment);
21.28.2. refusal to establish business relations and make payments to individuals or legal entities from high-risk countries;
21.28.3. Termination of the application of enhanced customer due diligence measures or other measures (sanctions) in relation to high-risk countries is carried out upon exclusion of the country from the List of High-Risk Countries or based on a decision of the Commission on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime under the Government of the Kyrgyz Republic.
Procedure for identifying payments subject to control and reporting
21.29. In order to identify payments subject to control and reporting to the financial intelligence agency, the Company ensures continuous monitoring of payments made through the Company's payment system by providing access to the System to the official on the Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime.
21.30. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall continuously monitor the following types of payments subject to mandatory control and reporting:
- suspicious payments;
- payments in favor of individuals or legal entities from high-risk countries;
- payments with individuals who have served a sentence for legalization (laundering) of proceeds from crime, terrorism or extremism;
- non-cash payments in excess of the established threshold amount.
21.31. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall ensure that a message is sent to the financial intelligence agency concerning the payments subject to mandatory control and reporting, in accordance with the procedure established by the Regulation on the submitting information and documents to the financial intelligence agency of the Kyrgyz Republic, approved by the Resolution of the Government of the Kyrgyz Republic No. 606 dated December 25, 2018.
In order to send messages to the financial intelligence agency, the official shall register on the information resource of the financial intelligence agency. The IT department shall ensure the installation of an automated workstation, being specialized software that supports automated generation and sending of messages on transactions (payments) to the financial intelligence agency.
The electronic messages are generated and sent by a compliance officer to the financial intelligence agency through an automated workstation. The sequence of actions for generating an electronic message through an automated workstation, the format and structure of the electronic message, as well as the procedure for using cryptographic protection tools for the electronic message, are provided for in the instructions accompanying the automated workstation and additionally posted on the official website (www.fiu.gov.kg)
21.32. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall ensure continuous monitoring of payments by means of:
− software solution that provides protection against fraudulent actions, identification of suspicious and dubious transactions (operations) with the automatic blocking feature;
− uploading reports with automatic checking for suspicious transactions;
− customer support service that monitors incoming requests for signs of suspicious transactions;
− manual verification of transactions that have signs of suspicious nature.
21.33. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime together with the employees of the Customer Support Department shall identify suspicious transactions by monitoring the payments being made and taking into account the following criteria:
− if there is a suspicion or sufficient grounds to suspect that the funds represent proceeds of crime, including from predicate crimes, or are related to the legalization (laundering) of Proceeds from Crime;
− if there is a suspicion or sufficient grounds to suspect that the funds are related to the financing of:
− a) terrorists and extremists;
− b) terrorist and extremist organizations (groups);
− c) terrorism and extremism.
21.34. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime together with the employees of the Customer Support Department shall apply the guidelines for identifying suspicious transactions (deals) developed and published by the financial intelligence agency.
The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall ensure that the employees of the Customer Support Department are familiar with the guidelines for identifying suspicious transactions (deals).
21.35. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, together with the employees of the Customer Support Department, shall identify payments in favor of individuals or legal entities from high-risk countries, using the list of transactions (deals) with individuals or legal entities from high-risk countries developed by the financial intelligence agency based on the results of the national risk assessment of issues related to Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime available in the Kyrgyz Republic.
21.36. The IT Department shall ensure the integration of the list of persons who have served a sentence for legalization (laundering) of Proceeds from Crime, terrorism or extremism, as well as for the financing of such activities.
When identifying payments with persons who have served a sentence for legalization (laundering) of Proceeds from Crime, terrorism or extremism, as well as for the financing of such activities, the System notifies the Official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime to forward messages to the financial intelligence agency.
21.37. The Official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, together with the employees of the Customer Support Department, shall identify the non-cash payments in excess of the established threshold amount.
The list of transactions (deals) with threshold amounts is established by the financial intelligence agency. The Official constantly monitors the information resources of the financial intelligence agency to identify changes or additions to the list of transactions with threshold amounts subject to mandatory control.
21.38. The official, together with the employees of the Customer Support Department, identifies the following payments:
- payments made more than three times in an amount exceeding 30,000 soms per day;
- multiple growth in the volume of payments for services over a short period to a service provider for which a stable volume of payments was observed;
- agreement by the service provider to pay an exorbitant fee for accepting payments for its services (above 20%).
21.39. If an unusual transaction or its signs are detected in the client's activities, the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime together with the Suppliers/Agents Support Department may take the following actions:
a) ask the client to provide the necessary explanations, including additional information explaining the economic meaning of the unusual transaction;
b) ensure increased attention (monitoring) in accordance with these rules and the requirements of the legislation on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, to all transactions of this client;
c) take other necessary actions subject to compliance with the legislation of the Kyrgyz Republic.
21.40. Based on the payments study results, the General Director, on the recommendation of the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, shall makes a decision:
a) to recognize the client's payments as subject to mandatory control and reporting;
b) to recognize the identified unusual payment as a suspicious transaction (payment), the implementation of which may be aimed at legalization (laundering) of proceeds from crime or financing of terrorism;
c) to consider the need to take additional measures to study unusual payments by the client;
d) to submit information on payments to the financial intelligence agency.
Procedure for storing information and documents on transactions (payments), as well as information obtained as a result of client due diligence.
21.41. The IT department, together with the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, shall ensure that information on following payments subject to mandatory control and reporting is stored in the system for five years:
21.41.1. suspicious payments;
21.41.2. payments in favor of individuals or legal entities from high-risk countries;
21.41.3. payments with individuals who have served a sentence for legalization (laundering) of Proceeds from Crime, terrorism or extremism;
21.41.4. non-cash payments above the established threshold amount.
21.42. Based on the results of the transaction detection procedure, the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime together with the Technical Director shall document and maintain the confidential nature of the information upon detection of signs of the client committing suspicious actions.
21.43. The Technical Director of the Company shall be responsible for maintaining information on payments in the system.
21.44. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall store information on messages sent to the financial intelligence agency on paper in special box files.
21.45. The Suppliers/Agents Support Department shall ensure the storage of documents and information obtained as a result of proper verification of suppliers of goods/services, agents, subagents and counterparties during the entire period of business relations with them, as well as for five years after the termination of business relations.
21.46. The Supplier/Agent Manager ensures that the validity period of contractual relations with suppliers and agents is recorded in the relevant register, and also ensures that documents and files are stored in special box files. The Supplier/Agent Manager ensures classification and sorting, which allows for the timely location of documents and information.
21.47. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime is obliged to document and ensure the preservation on paper of documents and information prepared for consideration by the Management Board of the Company, including proposals to terminate business relations, the results of risk assessment in the Company and reports on the results of the implementation of the internal control program for the Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime.
21.48. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime ensures the storage for at least 5 years from the date of termination of relations with the client of:
21.48.1. documents on transactions for which internal messages were drawn up;
21.48.2. documents of internal messages;
21.48.3. results of the study of the grounds and purposes of the identified unusual transactions;
21.48.4. documents related to the client's activities (in the amount determined by the organization), including business correspondence and other documents at the discretion of the Company;
21.48.5. other documents obtained as a result of applying the internal control rules.
21.49. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall ensure the storage of the abovementioned documents in such a way that the data can be promptly accessed by the financial intelligence agency, as well as other government agencies in accordance with their competence in cases established by the legislation of the Kyrgyz Republic.
Procedure for system organization in the Company
21.50. The General Director of the Company shall ensure the organization of the internal control system in the Company for the purposes of Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime by approving the Internal Control Rules and delegating functions for the implementation of the requirements of the legislation of the Kyrgyz Republic on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime to a specially appointed official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, who heads the compliance control department.
21.51. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall perform the following functions:
− development and submission to the General Director of draft internal control rules and other internal documents on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, including risk assessment methodology and risk management procedures;
− organization of implementation of internal control rules;
− monitoring of due diligence on the client and other participants in transactions;
− monitoring and analysis of transactions (payments) of the client;
− making a decision on recognizing a transaction (payment) as suspicious and sending a message about a suspicious transaction (payment) to the financial intelligence agency, with subsequent notification of the executive body;
− submission to the financial intelligence agency of messages about transactions (payments) subject to control and reporting, in accordance with the legislation of the Kyrgyz Republic on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime;
− assisting authorized representatives of inspection bodies when they conduct inspections of the Company's activities on issues of compliance with the legislation of the Kyrgyz Republic on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime;
− preparing methodological documents (if necessary), consulting the Company's employees on issues arising during the implementation of internal control programs.
− conducting introductory and unscheduled training for the Company's employees on issues of Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime.
− Submission to the General Director, within the timeframes established by the General Director, but not less than once every six months, of a written report on the results of the implementation of the rules and procedures of internal control for the purpose of Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime.
− Making decisions on reports on transactions submitted to him by the Company's employees, on the advisability of their submission to the General Director.
− Ensuring the confidentiality of information received in the course of performing the functions assigned to him.
− Ensuring appropriate regime for the protection and storage of recorded information.
− Other functions in accordance with these rules and the Company's internal control documents.
21.52. The official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime or other person authorized by the Manager shall systematically, but not less than once every six months:
- conduct internal audits of the Company's compliance with internal control rules, requirements of legislation of the Kyrgyz Republic and other regulatory legal acts
- submit to the General Director of the Company a written report based on the audit results, containing information on all identified violations of the Kyrgyz Republic legislation on Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime, internal control rules and other organizational and administrative documents of the Company adopted in order to organize and implement internal control.
21.53. To perform the specified functions, the official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall be entitled to:
- Receive the necessary information and documents from the managers and employees of the Company's divisions, including organizational and administrative documents of the Company, accounting and monetary settlement documents in the manner established by the Company.
− Make copies of documents received, receive and store copies of files, copies of any records stored in local information networks and autonomous computer systems of the Company in the manner established by the Company.
− Receive explanations from employees regarding the implementation of the rules.
− Exercise other rights in accordance with internal control documents of the Company.
21.54. In order to reduce the risks associated with cases of fraud, the Official responsible for Combating the Financing of Terrorism and the Legalization (Laundering) of Proceeds from Crime shall carry out the following activities:
− Activities to identify and assess the risks of laundering of proceeds or financing of terrorism that may arise in connection with the development of new products and new business practices, including new transfer mechanisms, and the use of new or developing technologies for both new and existing products.
− Activities to check existing systems for vulnerabilities and the risk of fraud using technical, technological, software and other vulnerabilities of the HSC.
− Activities to develop new methods to combat fraud, including but not limited to:
− Development of additional methods, systems, rules for identifying HSC system users;
− Development of methods for monitoring, early detection of fraudulent transactions using algorithms and search masks.