AML & CTF Policy

Anti-Money Laundering & Counter-Terrorist Financing Policy

Last updated · February 2026

1. Purpose and Status

This Anti-Money Laundering and Counter-Terrorist Financing Policy (the "Policy") sets out the framework that Unlshd Ltd, trading as NeptunePay ("Unlshd", "we"), applies to manage the risk that its services are misused for money laundering, terrorist financing, sanctions evasion, or other financial crime.

Unlshd is not a "regulated obliged entity" within the meaning of the Cyprus Prevention and Suppression of Money Laundering Activities Law of 2007 (L. 188(I)/2007, as amended) ("the Cyprus AML Law"), nor is it a credit institution, payment institution, or electronic money institution under any equivalent regime. Unlshd does not handle, transmit, or hold customer or merchant funds. The acquirer relationship rests directly between the merchant and a regulated acquirer.

Notwithstanding the foregoing, Unlshd voluntarily applies a financial-crime control framework that is consistent with the principles of the Cyprus AML Law, EU Directive (EU) 2015/849 (4AMLD) and EU Directive (EU) 2018/843 (5AMLD), the Financial Action Task Force ("FATF") Recommendations, and the operating regulations of Visa, Mastercard, and other card schemes. The reasons for doing so are: (i) to protect Unlshd, its directors, and its partner acquirers from financial-crime exposure; (ii) to satisfy the diligence expectations of partner acquirers and sponsor banks; and (iii) to ensure that Unlshd does not knowingly facilitate, or turn a blind eye to, criminal activity by any merchant it supports.

2. Scope

This Policy applies to all directors, officers, employees, contractors, and agents of Unlshd and to every merchant evaluation, onboarding, ongoing-monitoring, and offboarding activity carried out by Unlshd. It applies regardless of the merchant's jurisdiction or the partner acquirer's jurisdiction.

3. Risk-Based Approach

Unlshd applies a risk-based approach. Resources, controls, and depth of due diligence are calibrated to the assessed risk of the merchant and the relationship.
Unlshd maintains a documented Money Laundering and Terrorist Financing Risk Assessment ("MLTF Risk Assessment") covering, at minimum:

• inherent risk by merchant vertical (with iGaming, foreign exchange and CFD trading, and adult content treated as inherently higher-risk);
• country and jurisdiction risk (using FATF, EU, OFAC, and Transparency International indicators);
• product and channel risk (recurring vs. one-off, cross-border, high-value, anonymity-favouring);
• customer-base risk (B2B vs. B2C, professional vs. retail, presence of politically exposed persons);
• delivery channel risk (online-only vs. omnichannel);
• partner-acquirer risk profile.

The MLTF Risk Assessment is reviewed at least annually and on the occurrence of any material change.

4. Governance and Responsibility

4.1 Board of Directors

The Board of Directors of Unlshd Ltd has ultimate responsibility for financial-crime risk management. The Board approves this Policy, approves the MLTF Risk Assessment, and reviews material financial-crime issues at least annually.

4.2 Money Laundering Reporting Officer

Unlshd appoints a designated person as Money Laundering Reporting Officer ("MLRO"). The MLRO has functional independence and direct access to the Board. The MLRO is responsible for:

• overseeing the implementation of this Policy and related procedures;
• receiving, evaluating, and where appropriate escalating internal reports of suspicious activity;
• liaising with regulators, law-enforcement bodies, and partner acquirers on financial-crime matters;
• maintaining the MLTF Risk Assessment and reporting to the Board on financial-crime risk;
• approving onboarding of higher-risk merchants and approving any deviation from standard procedures.

Where the operational scale of Unlshd does not warrant a full-time MLRO, the role may be combined with the Compliance Officer role, provided that the combined role has adequate seniority, independence, and resourcing.
4.3 All Staff

Every employee, contractor, and agent of Unlshd is responsible for: (i) understanding and applying this Policy and any related procedures; (ii) recognising indicators of suspicious activity; (iii) reporting suspicions promptly to the MLRO; and (iv) completing financial-crime training as required.

5. Customer Due Diligence and Know-Your-Business

Unlshd conducts Know-Your-Business ("KYB") and Customer Due Diligence ("CDD") on every merchant, before any introduction to an acquirer is made and on an ongoing basis. KYB/CDD comprises:

• identification and verification of the merchant entity (incorporation, registered address, good standing, legal form);
• identification and verification of all ultimate beneficial owners holding 25% or more of ownership or control, with adverse-media, sanctions, and PEP screening;
• identification of directors and senior management, with sanctions and PEP screening;
• verification of all licences, permits, and authorisations relevant to the merchant's activities (with direct verification at the issuing authority where possible);
• understanding of the merchant's business model, customer base, geographic footprint, expected transaction profile, and source of funds;
• review of the merchant's website, marketing, customer terms, and complaints performance;
• where relevant, review of the merchant's own AML, KYC, responsible-gambling, suitability, or content-moderation programmes.

Unlshd will not introduce any merchant to an acquirer until KYB/CDD has been satisfactorily completed and approved at the appropriate level.
5.1 Enhanced Due Diligence

Enhanced Due Diligence ("EDD") is applied where any of the following indicators is present:

• the merchant operates in iGaming, foreign exchange/CFD, adult content, or any other vertical designated as higher-risk in the MLTF Risk Assessment;
• the merchant has a beneficial owner or director who is a politically exposed person, a family member or close associate of a politically exposed person, or who has adverse media coverage;
• the merchant is established in, or substantially operates from, a higher-risk jurisdiction (FATF call-for-action, EU non-cooperative jurisdictions, or otherwise designated);
• the merchant's ownership or control structure is opaque, multi-layered, or involves nominee arrangements;
• the merchant has been declined, terminated, or MATCH/TMF-listed by a previous acquirer;
• the merchant's expected transaction profile is unusually high-value, high-velocity, or cross-border;
• any other circumstance that the MLRO considers to warrant enhanced scrutiny.

EDD measures include source-of-funds and source-of-wealth verification for beneficial owners, third-party background reports, on-site or video diligence, audited financials, and senior-management approval of the relationship.

6. Politically Exposed Persons

Unlshd identifies and manages relationships involving politically exposed persons ("PEPs") in line with EU and FATF expectations. A PEP is any natural person who is or has been entrusted with prominent public functions, and includes their immediate family members and close associates.

PEP relationships require: (i) senior-management approval before the relationship is established; (ii) source-of-funds and source-of-wealth measures for the PEP; and (iii) enhanced ongoing monitoring. PEP status is screened at onboarding and on an ongoing basis using a recognised commercial screening provider.

7. Sanctions

Unlshd does not transact, directly or indirectly, with persons or entities subject to sanctions imposed by the United Nations, European Union, United Kingdom, or United States Office of Foreign Assets Control, or any other regime applicable to Unlshd or its partner acquirers. Sanctions screening is conducted on every merchant, every beneficial owner, every director, and every senior manager at onboarding and on an ongoing basis. Detailed measures are set out in Unlshd's Sanctions Compliance Statement (NP-POL-003).

8. Ongoing Monitoring

Unlshd applies ongoing monitoring to every merchant, calibrated to the assessed risk of the relationship. Monitoring includes:

• periodic refresh of KYB documentation (annually for higher-risk merchants, on a longer cycle for standard-risk merchants);
• continuous sanctions, PEP, and adverse-media screening of merchants and their beneficial owners;
• review of merchant chargeback ratios, fraud ratios, refund ratios, and dispute volumes against scheme thresholds and acquirer thresholds;
• review of merchant volume against expected baseline, with investigation of material deviations;
• review of partner-acquirer alerts, scheme alerts, and inquiries from law enforcement or regulators.

Trigger events for ad-hoc review include: changes to the merchant's ownership, control, business model, or licensing status; chargeback or fraud breaches; sanctions or adverse-media hits; complaints or whistleblower reports; and any partner-acquirer concern.

9. Suspicious Activity Reporting

Any employee, contractor, or agent who suspects, or has reasonable grounds to suspect, that a merchant or transaction is connected with money laundering, terrorist financing, sanctions evasion, fraud, or other criminal activity must report the suspicion immediately to the MLRO. Reports are made in writing to mlro@neptunepay.io or, where confidentiality requires, in person.

The MLRO evaluates each report.
Where the MLRO concludes that there is a reasonable basis for suspicion, the MLRO will: (i) determine, taking external advice if appropriate, whether and to whom an external report (including, where applicable, to MOKAS — the Cyprus Unit for Combating Money Laundering — or to a foreign Financial Intelligence Unit) is required or warranted; (ii) notify the partner acquirer, where contractually required; and (iii) determine whether the merchant relationship should be suspended or terminated.

"Tipping off" — disclosing the existence or content of a suspicion or report to the merchant or any third party — is strictly prohibited.

10. Record Keeping

Unlshd retains all KYB, CDD, EDD, transaction-monitoring, screening, and suspicious-activity-report records for a period of at least five years following the end of the merchant relationship, or longer where required by applicable law or contract with a partner acquirer. Records are stored securely and are accessible to the MLRO, the Compliance Function, and (subject to legal process) competent authorities.

11. Training

All employees, directors, and contractors receive financial-crime training on induction and at least annually thereafter. Training covers this Policy, indicators of money laundering and terrorist financing, sanctions, suspicious-activity reporting, and tipping-off prohibitions. Vertical-specific training is provided to staff handling iGaming, forex/CFD, and adult-content merchants. Training records are retained.

12. Independent Review

This Policy and the underlying control environment are subject to independent review at least every two years, or more frequently where warranted. Review may be carried out by an internal function independent of the Compliance Function, by an external adviser, or in response to a partner-acquirer or scheme-mandated audit.

13. Cooperation with Authorities

Unlshd cooperates fully with competent regulators, financial-intelligence units, law-enforcement bodies, partner acquirers, and card schemes in the investigation of suspected financial crime, subject to applicable law and legal-professional privilege. Production-order, court-order, and freezing-order requests are handled by the MLRO in consultation with legal counsel.

14. Related Documents

• Acceptable Use & Prohibited Businesses Policy;
• Sanctions Compliance Statement;
• Risk Management Framework;
• Merchant Onboarding and KYB Procedure;
• Chargeback Management Procedure.

— END OF POLICY —