Anti-Money Laundering (AML) Policy

Digital Techlab Private Limited (DigitX) is a company incorporated under the laws of India and having its registered office at, B2-1002, Marathon Nextgen Innova, V.S Lane, Off Ganpatrao Kadam Marg, Lower Parel – 400013, Mumbai. Persons availing of the any services from DigitX, or engaging in any transactions on any digital/non digital platform provided or operated by DIGITX, directly or indirectly, are referred to herein, as "Users". The designated official of DigitX may amend / modify the policy in this regard from time to time.

1. Introduction

The guidelines are modeled along the Directives as outlined by SEBI under Master Circular no. SEBl/HO/MlRSD/DOS3/ClR/P/2018/104 dated July 4, 2018 to the extent these are applicable to the DIGITX's line of business. The said SEBI guidelines also provide guidance on the practical implications of the Prevention of Money Laundering Act, 2002 (PMI-A). The Directives also set out the steps that may be taken to discourage and to identify any money laundering or terrorist financing activities.

The overriding principle is that they shall be able to satisfy themselves that the measures taken by them are adequate, appropriate and abide by the spirit of such measures and the requirements as enshrined in the PMLA.

Persons availing of the any services from DIGITX, or engaging in any transactions on any digital/non digital platform provided or operated by DIGITX, directly or indirectly, are referred to herein, as "Users".

This is an agreement between DIGITX and User, which is binding on the User. All Users are required to comply with the terms of this agreement at all times, and any instance of non-compliance will result in the termination of such User's accounts on the DIGITX platform, and in appropriate reporting of the circumstances of such non-compliance and such termination to the relevant statutory authorities. Integrity, honesty and ethical business practices are some of the core values of DIGITX, and DIGITX strongly condemns any and all activities related to terrorism, money laundering, and all other unlawful actions. In order to prevent misuse of the services provided on the DIGITX platform, Users are required to strictly comply with the terms contained herein, which forms part and parcel of the User Terms of Service. Terms not defined herein shall carry the same meaning as in the User Agreement, and in the absence thereof, to general usage and parlance.

Users are required to read, review, understand and then agree to the terms hereunder for using or availing of the DIGITX Services, before clicking the "1 Accept" option.

This Anti-Money Laundering Policy (herein after referred to as the "AML Policy") supersedes with respect to the AML Policy.

2. Definitions

All terms defined in the Terms of Service and the Privacy Policy will carry the same meaning, force and effect in this AML Policy.

a. "Applicable Law" means all laws in force for the time being within the territory of India, including (but not restricted to) the Prevention of Money Laundering Act 2002 ("PMLA/AML"), the Prevention of Money Laundering (Maintenance of Records) Rules 2005 ("PML Rules"), and the SEBI Master Direction on AML and CFT dated July 4,2018 to be updated from time to time.

b. "Designated Director" means a managing director or whole-time director of DIGITX who has been appointed and authorized to administer DIGITX anti-money laundering measures, in accordance with the PMLA;

c. "Principal Officer" means the officer appointed by DIGITX to administer DIGITX anti-money laundering measures, in accordance with the PMI-A;

d. "Senior Management" means such directors, officers or other personnel of DIGITX as are specifically designated to monitor and ensure know-your-customer compliance and the operation of DIGITX's internal audit systems;

e. "Suspicious Transaction" means a transaction, whether or not made in cash which, to a person acting in good faith:

i. Give rise to a reasonable ground of suspicion that it may involve proceeds of an offense specified in the schedule to the Act, regardless of the value involved; or

ii. Appears to be made in circumstances of unusual or unjustified complexity; or

iii. Appears to have no economic rationale or bona fide purpose; or

iv. Gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to terrorism;

Explanation —Transaction involving financing of the activities relating to terrorism includes transaction involving funds suspected to be linked or related to, or to be used for terrorism, terrorist acts or by a terrorist, terrorist organization or those who finance or are attempting to finance terrorism.

3. Record Keeping

DIGITX shall ensure compliance with the record keeping requirements contained in the PMI-A as well as other relevant legislation, etc. DIGITX shall maintain the following information for the accounts of their clients in order to maintain a satisfactory audit trail:

a. The beneficial owner of the account;

b. The volume of the funds flowing through the account; and

c. For selected transactions:

i. The origin of the funds

ii. The form in which the funds were offered or withdrawn, e.g. cheques, demand drafts etc.

iii. The identity of the person undertaking the transaction;

iv. The destination of the funds;

v. The form of instruction and authority.

3.1. Information to be maintained

DIGITX will maintain and preserve the following information in respect of transactions:

a. The nature of the transactions;

b. he amount of the transaction and the currency in which it is denominated;

c. The date on which the transaction was conducted; and

d. The parties to the transaction.

3.2 Monitoring of transactions

DIGITX may monitor complex unusually large transactions / patterns which appear to have no economic purposes.

Transactions exceeding such internal threshold limits for each class of client accounts as may be specified from time to time. Randomly examine a selection of transactions undertaken by clients to comment on their nature i.e. whether they are in the nature of suspicious transactions or not.

3.3 Suspicious Transaction Monitoring and Reporting

DIGITX will monitor Suspicious Transactions of like nature:

a. Clients whose identity verification seems difficult or clients that appear not to cooperate

b. Asset management services for clients where the source of the funds is not clear or not in keeping with

clients' apparent standing /business activity;

c. Clients based in high risk jurisdictions;

d. Substantial increases in business without apparent cause;

e. Clients transferring large sums of money to or from overseas locations with instructions for payment in cash;

f. Attempted transfer of investment proceeds to apparently unrelated third parties;

e. Unusual transactions by CSCs and businesses undertaken by offshore banks/financial services, businesses reported to be in the nature of export- import of small items. Transactions that are abandoned or aborted by clients on being asked to give some details or to provide documents.

4. Retention of Records

DIGITX shall maintain and preserve such records and information as mentioned in Rule 3 of PML Rules for a period of five years from the date of transactions between the client and DIGITX or period of five years after the business relationship between a client and intermediary has ended or the account has been closed, whichever is later. Suspicious Transaction reports shall be retained until it is confirmed that the case has been closed.

5. Client Due Diligence (CDD)

The CDD measures comprise the following:

a. Obtaining sufficient information in order to identify persons who beneficially own or control the crypto currency account. Whenever it is apparent that the crypto currencies are acquired or maintained through an account are beneficially owned by a party other than the client, that party shall be identified using client identification and verification procedures. The beneficial owner is the natural person or persons who ultimately own, control or influence a client and/or persons on whose behalf a transaction is being conducted. It also incorporates those persons who exercise ultimate effective control over a legal person or arrangement.

b. Verify the client's identity using reliable, independent source documents, data or information from ADHAAR, PAN etc.

c. Identify beneficial ownership and control, i.e. determine which individual(s) ultimately own(s) or control(s) the client and/or the person on whose behalf a transaction is being conducted.

d. For clients other than individuals or trusts: Where the client is a person other than an individual or trust, viz., company, partnership or unincorporated association/body of individuals, the intermediary shall identify the beneficial owners of the client and take reasonable measures to verify the identity of such persons, through the following information:

Constitutional documents like Memorandum/ Articles of Association, certificate of incorporation, Resolution of the Board, Board appointing authorized signatories and instructions regarding account openings and conduct of the transactions; registered partnership deed, KYC documents of managing/ authorized partners, bank account details including cancelled cheques etc. authorization letters for trading in crypto currencies.

The identity of the natural person, who, whether acting alone or together, or through one or more juridical person, exercises control through ownership or who ultimately has a controlling ownership interest.

Explanation: Controlling ownership interest means ownership of/entitlement to:

i. More than 25% of shares or capital or profits of the juridical person, where the juridical person is a company;

ii. More than 15% of the capital or profits of the juridical person, where the juridical person is a partnership; or

iii. More than 15% of the property or capital or profits of the juridical person, where the juridical person is an unincorporated association or body of individuals.

In cases where there exists doubt as to whether the person with the controlling ownership interest is the beneficial owner or where no natural person exerts control through ownership interests, the identity of the natural person exercising control over the juridical person through other means.

Explanation: Control through other means can be exercised through voting rights, agreement, arrangements or in any other manner.

i. Where no natural person is identified, the identity of the relevant natural person who holds the position of senior managing official.

ii. For client which is a trust: Where the client is a trust, the intermediary shall identify the beneficial owners of the client and take reasonable measures to verify the identity of such persons, through the identity of the settler of the trust, the trustee, the protector, the beneficiaries with 15% or more interest in the trust and any other natural person exercising ultimate effective control over the trust through a chain of control or ownership.

iii. Exemption in case of listed companies: Where the client or the owner of the controlling interest is a company listed on a stock exchange, or is a majority-owned subsidiary of such a company, it is not necessary to identify and verify the identity of any shareholder or beneficial owner of such companies.

iv. More than 15% of the property or capital or profits of the juridical person, where the juridical person is an unincorporated association or body of individual.

v. Applicability for foreign investors: Intermediaries dealing with foreign investors' may be guided by the clarifications issued vide SEBI circulars CIR/MlRSD/11/2012 dated September 5, 2012 and CIR/MIRSD/ 07/ 2013 dated September 12, 2013, for the purpose of identification of beneficial ownership of the client.

Verify the identity of the beneficial owner of the client and/or the person on whose behalf a transaction is being conducted, corroborating the information.

Understand the ownership and control structure of the client.

Conduct ongoing due diligence and scrutiny, USER shall periodically update all documents, data or information of all clients and beneficial owners collected under the CDD process.

5.1 Policy for acceptance of clients:

No account is opened in a fictitious / benami name or on an anonymous basis.

Politically Exposed Persons (PEP) or their family members

Companies offering foreign exchange offerings

Clients in high risk countries named by the FATF on its website (,or named in other publicly available information like at the United Nations Security Council's ISIL (Da'esh) & Al-Qaida Sanctions List, or on its 1988 Sanctions List,

Non face to face clients

Clients with dubious reputation as per public information available etc.

5.2 Regional Limitations for Trading:

DIGITX will monitor the usage of its platform to ensure that the trades originate within the boundary of geographical India. Any exception to the same on a continuous / substantial basis for a prolonged period would be inquired into and disciplinary action, if any, would be initiated.

6. Risk-based Approach:

a. DIGITX shall exercise ongoing due diligence with respect to the business relationship with every User and closely examine the transactions in order to ensure that they are consistent with their knowledge of the User, his business and risk profile and where necessary, the source of funds.

b. DIGITX will also review its due diligence measures and undertake measures to re-verify the identity of a User and obtain further information on a User's activities, if DIGITX has any suspicions of money laundering or the financing of terrorism.

c. DIGITX will periodically verify the identity of all Users to determine whether there are any matches with any names appearing on any of the SEBl/RBl's sanctions lists.

d. All due diligence undertaken by DIGITX is documented, designed to consider all relevant risk factors in determining overall risk and the appropriate migratory measures, is kept up to date; and will always be available to the relevant authorities and self-regulating bodies.

e. DIGITX will maintain copies of all identity documents of Users, after filing such documents and records with CERSAI for KYC purposes (as and when so required under applicable Law).

f. f) DIGITX will verify the identity of Users while carrying out transactions worth more than INR 10,00,000 (Indian Rupees ten lacs), whether through a single transaction or a series of connected transactions in a span of one month on running basis. If DIGITX has reason to believe that a User is intentionally structuring a transaction into a series of transactions, below the threshold of INR 10, 00,000 (Indian Rupees ten lacs), it will undertake separate customer identification procedures.

g. In the event that it is brought to the attention of DIGITX, that a particular User or account is maintained under a fictitious name, DIGITX has the full right and authority to terminate and close such an account with immediate effect and without prior notice to the User.

h. If DIGITX doubts the adequacy or veracity of previously obtained customer identification data, DIGITX shall review the due diligence measures including verifying again the identity of the User and obtaining information on the purpose and intended nature of the business relationship, as the case may be. DIGITX may also undertake customer identification procedures if third-party products are being sold on the DIGITX platform, with dues of such sale exceeding INR 10,00,000(Indian Rupees ten lacs).

Once a User has participated in transactions of a total value of at least INR 10,00,000 (Indian Rupees ten lacs) over the course of his/her engagement in a running month with the DIGITX platform, DIGITX will initiate a process of additional due diligence by seeking the following documentation from such Users:

a customer declaration form, stating that all crypto currencies and all funds used by such User on the DIGITX platform are sourced through legitimate channels, and containing other details in relation to the user;

bank statements for such Users over the previous three months;

a certificate from a chartered accountant, with details in relation to the financial soundness of the User and the User's compliance with the PMI-A and Foreign Exchange Management Act 1999; and

Documents for the physical verification of identity and address for such User.

DIGITX will classify all Users as high-risk, medium-risk or low-risk, and will periodically update the KYC records for all Users as follows:

Once every two years for high-risk Users;

Once every eight years for medium-risk Users; and iii. Once every ten years for low-risk Users.

Once a User has participated in transactions of a total value of at least Rs 1,00,00,000 (Rs. One crore) over the course of his/her engagement with the DIGITX platform, or deposits or transacts in an amount of at least INR 1,00,00,000 (Indian Rupees one crore) on the DIGITX Platform, DIGITX will also conduct 'chain analysis' to identify the relevant public address for such User and earmark such User as either as 'high risk', 'medium risk', or 'low risk' based on parameters such as the use of cryptocurrencies for terrorist funding or money laundering activities, etc. This limit of INR 1,00,00,000 (Indian Rupees one crore) may be revised by DIGITX from time to time, based on DIGITX's determination of appropriate thresholds in accordance with ongoing compliance measures, and if and as may be required under applicable Law.

DIGITX will, in particular, monitor the following categories of transactions, and will conduct due diligence on an ongoing basis on them:

large, complex transactions, including those with unusual patterns that are inconsistent with a User's normal / expected level of activity, without an apparent economic rationale or legitimate purpose; and ii. Transactions that involve high account turnover, inconsistent with the size of the balance ordinarily maintained by a User.

As Users are not face-to-face customers of DIGITX, DIGITX may require to undertake enhanced due diligence, including certification of all documents provided by the Users, calling for additional documents whenever necessary, and requiring that the first payments made by such Users be effected through the User's KYC-compliant account with a bank. Any such requirements, as may be imposed under Applicable

Law, will be incorporated into this AML Policy, and DIGITX reserves the right to update the AML Policy for this purpose.

6.1 Reporting to Financial Intelligence Unit-India

In terms of the PMI- Rules, DIGITX may if required, will report information relating to cash and suspicious transactions to the Director, Financial Intelligence Unit-India (FIU-IND)/ and, or any other authority as approved by regulator at the following address.

Appoint officer as Principal Officer for ensuring compliance with provisions of PMI-A and a Designated Director:

the Managing Director or a Whole-Time Director duly authorizes by the Board of Directors if the reporting entity is a company,

the managing partner if the reporting entity is a partnership firm,

the proprietor if the reporting entity is a proprietorship firm,

the managing trustee if the reporting entity is a trust,

a person or individual, as the case may be, who controls and manages the affairs of the reporting entity if the reporting entity is an unincorporated association or a body of individuals, and

Such other person or class of persons as may be notified by the Government if the reporting entity does not fall in any of the categories above."

Your account in minutes.