1. GENERAL PROVISION
Kallis AML Plocy is established for prevention of Money Laundering and Terrorist Financing and is compliance with International Sanctions (hereinafter Policy) have been established by Compliance Officer Rutt Mölter and aproved by Gerorge Groshkov, member of the Management Board of AveoTech OÜ, registry code 16565098 (hereinafter Company). The Company is using a brand name Kallis https://usekallis.com/. The Kallis platform provides an integrated solution for e-commerce NFT shops launching their branded NFT collections. With its payment service feature (via 3rd party), Kallis Gateway allows customers to buy NFTs with FIAT via Debit and Credit card. The platform collects a fee as a percentage of every transaction by Kallis.
The AML Policy is based on the regulations of the Estonian Money Laundering and Terrorist Financing Prevention Act (hereinafter MLA) and International Sanctions Act (hereinafter ISA). The AML Policy brings out requirements for identification and verification of the Users and Counterparties, the Management of the Counterparties and the Beneficial Owners, understanding the Business Relationship, gathering the information whether there are relations with Politically Exposed Person, their family member or close associate or subject to International Financial Sanctions and monitoring the Business Relationship, including monitoring Users’ transactions, also making sure that the transactions do not breach International Sanctions. Prevent entering into transactions involving suspected Money Laundering and Terrorism Financing and to ensure identification and reporting of such transactions and/or suspicions identified when establishing or during monitoring the Business Relationship.
Money Laundering (hereinafter ML) - is a process of making ‘’dirty money’’ appear legal.
Money Laundering 3 stages:
Placement is a first stage of Money Laundering and during the Placement ‘’dirty money’’ is introduced into the legitimate Financial system, like an offshore account or a financial instrument. In the process of moving the cash from its source, the money is “washed” and disguised to look like a legitimate source of income.
Layering is a second stage of Money Laundering and during this stage the funds will be distanced from its original source. Illicit funds are divided into multiple small transactions and often transferred across the border, in order to hide the audit trail.
Integration is a final stage of Money Laundering and during this stage ‘’dirty’’ money is returned to the criminals from seemingly legitimate sources.
Terrorism Financing (hereinafter TF) - financing and supporting of an act of terrorism and commissioning thereof within the meaning.
Beneficial Owner - is a natural person who via ownership or other type of control, has the final dominant influence over a natural or legal person, or in whose interests, for the benefit of whom or in whose name a transaction or operation is made.
Business Relationship - a relationship of the Company established in its economic and professional activities with the e-commerce/Counterparty.
User - any natural or legal person using or expressing an intention to use the services of the Company.
Company - AveoTech OÜ
Compliance Officer or CO - representative appointed by the Management Board, responsible for the effectiveness of the Rules, conducting compliance over the adherence to the Rules.
FIU - Estonian Financial Intelligence Unit.
International Sanction - International Sanctions have become a key element in contemporary International Relations. a tool of foreign policy aimed at supporting the maintenance or restoration of peace, international security, democracy and the rule of law, following Human Rights and international law or achieving other objectives of the United Nations Charter.
International Financial Sanction - a specific measure under the International Sanctions regime which is not related to the use of armed forces and the imposition thereof and that has been decided by the European Union, the United Nations, another international organization or the Government of the Republic of Estonia and aimed to maintain or restore peace, prevent conflicts and reinforce international security, support and reinforce democracy, follow the rule of law, human rights and international law and achieve other objectives of the common foreign and security policy of the European Union. Financial sanctions are measures which:
Politically Exposed Person - is or who has been entrusted with prominent public functions in the European Economic Area or an institution of the European Union.
A family member of PEP - is his or her spouse, or a person considered to be equivalent to a spouse; child and their spouse, or a person considered to be equivalent to a spouse, and parent.
A close associate of PEP - is a natural person who is known have joint beneficial ownership of a legal person or a legal arrangement, or any other close business relations, with a PEP; and a natural person who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the de facto benefit of a PEP.
Management Board or MB – management board of the Company.
Fiat Money - means the money or currency of any country or jurisdiction that is designated as legal tender and circulated, used and accepted as a medium of exchange in the country or jurisdiction of issuance and that is supported on the Kallis Platform.
Prepaid Credit Card - is a type of credit card with a credit limit which is deposited in advance. A prepaid card is not linked to a bank account and is often anonymous. Prepaid credit card
Shell bank - a shell bank maintains nothing but a registered agent in its country of incorporation, with the agent having little or no knowledge of the day-to-day operations of the bank, and simply providing an address for legal service in the jurisdiction. Such structures are a particular feature of some offshore centers.
Ultimate Beneficial Owner - is always the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted.
Direct ownership - is a manner of exercising control whereby the natural person owns a 25% shareholding plus one share or an ownership right of over 25% in the company.
Indirect ownership - is a manner of exercising control whereby a 25%shareholding plus one share or an ownership right of over 25% in the company is owned by a company that is controlled by a natural person or several companies that are controlled by the same natural person.
Member of Senior Management - is a person who makes the strategic decisions that fundamentally affect business activities and/or practices and/or company general (business) trends or in its absence carries out everyday or regular management functions of the company within the scope of executive power (CEO- chief executive officer; CFO- chief financial officer; director or president).
2. USERS’ AND KNOW YOUR BUSINESS (KYB) IDENTIFICATION PROCESS
To prevent the Kallis from being used for Money Laundering and Financing of Terrorism Company has established KYB and Users’ Due Diligence procedure and Enhanced Due Diligence procedure (hereinafter CDD and EDD). Enhanced Due Diligence is performed for riskier Users’ and Counterparties, upon the start of Business Relationship or prior the occasional transactions or purchase of NFTs, as well as during the business relationship.
EDD procedure is developed in accordance with the laws and regulations:
2.1. Users’ KYC
Kallis Users are regular retail customers, who purchase NFTs with Fiat money through payment instruments like Debit or Credit Card. Therefore, Kallis Business Model does not require Customers Onboarding Program, however, Kallis collects the minimum customer identification information during the sign up, in order for Users to interact on Kallis platform and purchase NFTs. Kallis applies Know Your Customer’s principles according to the Risk Based approach. All Users are subjected to the Sanctions check via IP address control, also, the Company has established Transaction Monitoring thresholds for the Fraud mitigation purposes. Kallis will not do business with customers that appear on relevant sanctions lists or have a previous history of financial crime activities. Based on the risk, and to the extent reasonable and practicable, Kallis will ensure it has established reasonable controls for the User Risk mitigation.
2.2. Know Your Counterparty (e-commerces).
When establishing Business relationships and during Business Relationship Kallis places great importance on “Know Your Counterparty” (“KYC”) activities and will conduct appropriate KYC Due Diligence inquiries on all parties who are or may become Business Counterparties.
Kallis has established a KYC questionnaire to ensure that all necessary information and documentation has been obtained by Kallis in accordance with Estonian AML Act. The questionnaire is designed to assist Kallis in mitigating the Legal, Regulatory and Reputational Risks arising from association with persons who may be, or may have been, engaged in illegal or unethical practices, including Money Laundering, Bribery, Corruption or is subjected to Sanctions.
The information catheter is as follow: Business Name, Website Address:, Type of Entity, City, Zip/Postal Code, Contact Name, Contact Email, Contact Number, State, Country,
Business ID Number:
Formation/Incorporation Date of e-commerce:
Country of Formation/Incorporation:
List identifying name of person(s) authorized to transact business on behalf of Counterparty:
List of Corporate Documents
Politically Exposed Person questions are mandatory based on regulatory requirement:
Bank Reference details:
During KYB Onboarding following areas will be assessed:
Source of Wealth should be collected on Risk-Based Approach including in these cases:
Beneficial Owner’s Source of Wealth should be collected on Risk-Based Approach, but at least in these cases:
When determining the source of wealth, the focus is on gathering information on Beneficial Owner activities that indicate how the Beneficial Owner acquired the wealth. For example, savings accumulated from salary during the previous years, investments, trading profit, assets, proceeds from inheritance etc. When collecting Source of Funds and Source of Wealth, detailed information should be obtained, as well as Risk-Based approach documentation to verify this information.
Additional information to verify from e-Commerce Businesses who pose higher risk through PEP status and High-Risk jurisdictions.
Politically Exposed Persons
Additional information should be requested upon Starting Business relationship or during Business Relationship if:
Sanction’s exposure & High-Risk jurisdictions
During the EDD should be evaluated if the Counterparty/e-commerce’s (as legal entity) the Beneficial Owner, Shareholder, an authorized representative, Economic Activities, key Business partners, associated businesses, used services, products and delivery channels are exposed to Sanctions Risk, by conducting Sanctions list screening.
If it has been identified that the Counterparty/e-commerce’s (as legal entity) may be directly or indirectly subject of applicable Sanctions laws and regulations or possess significant Sanctions Risk exposure or have been suspected in Sanctions evasion cases, then immediate Due Diligence measures must be applied before the Business Relationship is established or continued.
Adverse Media Information
Adverse Media screening is carried-out to assess whether there is any public information available on the Counterparty/e-commerce’s, Beneficial Owner, Shareholder or Authorised Representative of the Counterparty/e-commerce’s, and applied using Risk Based Approach on other associated parties, which indicates a possible association with the proceeds of crime, ML/TF, Terrorism or Financial Crime (for example: fines for AML regulatory breach, a Beneficial Owner has been convicted of a Financial Crime relations to possible corruption, ML/TF other related illegal activities, information of relations to offshore jurisdictions including low-tax- and tax-free countries and territories, frauds, business partners come from Sanctioned country, etc.).
During Adverse Media screening, the following factors should be evaluated:
Credibility and source of the information and how old is the information. Whether the information is an allegation or proven incident. Whether the information is a one-off or repeated incident. Whether the information impacts on the relationship with Kallis. Each potential result of Adverse Media information must be considered taking into account all other information (including group of related people). EDD should indicate if any Adverse Media information was found and evaluation of this information to the Management must be provided.
3. TRANSACTION MONITORING
https://usekallis.com/ creates a special dedicated landing pages for the brands hosted by Kallis. The User mints NFT and is transferred to User’ non-custodial wallet provided by a third party. The NFT gets minted once payment is confirmed. The wallet can be accessed only via User’s email, NFTs can not be transferred or traded.
When the NFT will get minted once payment is confirmed and transferred directly to the users' wallet (non-custodial). User explicitly agrees to waive withdrawal rights from the transactions (no refunds allowed). Payment is performed in Euro and the NFTs initially cannot be transferred or traded NFT can be purchased in Euros via debit or credit cards. Kallis will monitor User’s account activity for unusual size, volume, pattern or type of transactions, accounting for Risk factors and Red flags which are appropriate to our Business model.
Credit Card Payments (in alignment with payment processor)
Company enables customers to use Credit cards on its platform, including prepared Credit cards which pose a High-Risk of anonymity and Sanctions Exposure. Kallis has mitigated risks as follow:
Afghanistan, Albania, American Samoa, Bosnia and Herzegovina, Barbados, Burkina Faso, Bahamas, Botswana, Ethiopia, Ghana, Guam, Guyana, Haiti, Iran, Jamaica, Jordan, Cambodia, North-Korea, Cayman Island, Lao, Sri Lanka, Morocco, Mali, Myanmar, Mongolia, Mauritania, Mauritius, Nicaragua, Panama, Philippines, Pakistan, Puerto Rico, Russia, Palestine, Senegal, Sudan, Syria, Tunisia, Trinidad and Tobago, Uganda, USA, Virgin Island, Vanuatu, Yemen, Zimbabwe.
CDebit Card Payments (in alignment with payment processor)
Red flags which may signal possible Money Laundering or Terrorist Financing include, but are not limited to:
Based on Estonian AML Act Kallis has an obligation to report transactions executed from Sanctioned jurisdictions or by Sanctioned individuals. Transactions which exceed 15 000 euros annually will be subjected to Source of Wealth check if the User is not able to prove the SoW SAR will be filed and the User account disabled.
5. RISK ASSESSMENT
Risk Based Approach and its implementation
Kallis has adopted a Risk-Based Approach (hereinafter RBA) for identifying, assessing, understanding, and mitigating the ML and TF Risk to which it is exposed. Certain aspects of Business pose greater AML Risk than others and will require additional controls to mitigate those Risks. The Risk-Based approach should establish minimum standards for the Company that are reasonably designed to comply with all applicable laws and regulations.
The Risk Assessment is established on a Risk-Based approach. However, all categories of Risk: low, medium, high – must be identified and mitigated by the applicable controls, such as verification of customer Identity, Customer Due Diligence policy, Suspicious Activity monitoring and Economic Sanctions screening. The Risk depends on many factors, including jurisdictions, customers type and products and services. Kallis conducts a new Risk Assessment before entering New Markets, engaging New and Existing technologies, offering New services and products, including New or non-traditional sales channels and New or Emerging technologies.
FATF Risk Criteria
Whilst assessing the Risk FATF recommends considering the following areas:
Customer Risks – non-resident customers, cash-incentive businesses, complex ownership structure of a company and companies bearer shares, shell banks and its customers.
Country or jurisdictional: such as countries with inadequate AML/CFT systems, countries subject to Sanctions or embargoes, countries involved with funding or supporting of Terrorist activities or those with significant levels of corruption
Products, services, transaction or delivery channel Risk: anonymous transactions, payments from unknown third parties.
Risk-Based Approach implementation
The Company puts into practice a Risk-Based Approach (hereinafter RBA), considering the Inherent Risks, the risk indicators and the Residual Risks that persist after clarification and increased-vigilance measures have been taken. The Company takes an RBA in assessing its customers and Counterparties to ensure it appropriately identifies and manages potential Money Laundering Risks.
The following table summarizes the inherent and residual ML/TF activity-related Risk specific to each Risk element assessed in the Company’s Business-Based Risk Assessment.
The Inherent and Residual Risk rating described in this table is obtained by calculating the average of the component Risk scores for each category of Risk (products and services, delivery channels, jurisdictions) as documented in our Risk Matrices.
|Factors||Inherent Risk||Rationale||Residual Risk||Mitigation and Controls|
|Product and Service|
Sale of NFTs and transfer to the User’s Wallet (non-custodial)
|High||The Kallis platform provides an integrated solution for e-commerce NFT shops launching their branded NFT collections. With its checkout feature, Kallis Gateway allows you to buy NFTs with FIAT. Upon successful payment, NFTs will instantly be transferred to the User’s wallet..||Low||Kallis facilitates instant minting and transfer of NFTs into the User’s wallet.|
NFT can be seen as a High-Risk product due to ownership anonymity while purchased with crypto, high market fluctuation and Users jurisdictional breaches. This is not the case with Kallis and risk are very limited as
1. User explicitly agrees to waive withdrawal rights from the transactions (no refund option). Bought is bought.
2. Payment is performed in Euro (no cryptocurrencies involved)
3. Movability of NFTs is managed via the NFT smart contract. Initially it cannot be transferred or traded and therefore cannot be misused.
4. As Kallis has oversight about who bought and owns which NFT, it is always clear who is the beneficial owner of each piece.
|High||All transactions are conducted via Kallis whitelabel webpage in a non face-to-face environment and pose a higher risk of anonymity since it's difficult to prove that the user is the person claims to be.||Medium||Kallis Mitigates the risk of anonymity as customers buy the product using Fiat money via regulated payment processors within the EU. As a prerequisite users have to register their payment instruments which makes sure that funds belong to the User and make the audit trail traceable.|
Use of Debit and Credit cards
|Medium||Users are able to purchase NFTs only in Euros, once the payment is done, the NFT will be minted and transferred directly to the Users’ wallet (non- custodial).||Medium||Deposit can be purchased in Euros via debit or credit cards. Kallis will monitor User’s account activity for unusual size, volume, pattern or type of transactions, accounting for Risk factors and Red flags which are appropriate to our Business model.|
Users Risk is mitigated through low price and low risk products they can purchase. Relevant thresholds and controls are in place to limit the possibility for high risk money flows.
|Jurisdictional Risk||Medium||Kallis offers its services mainly inside the European Economic Area.||Medium||The High Risk and Sanctions risk is mitigated through live IP address checks and geolocation checks. Risk based approach is applied and Users are blocked to use Kallis service and access to the websites if they are from high risk/sanctioned jurisdictions.|
6. RISK APPETITE STATEMENT
Risk appetite is the level of Risk that a Company is not willing to take to achieve strategic objectives. The Management and Compliance Officer are reviewing and monitoring the present Risk Appetite Statement on an annual basis to ensure that it is up to date based on products and services and Business scope. Kallis Management considers the Risk Appetite Statement in the context of the Regulatory Environment applicable to the Business of the Company and its strategic goals.
The Company does not establish a Business Relationship with the following:
Intolerable Risks (Prohibited)
Counterparties/ e-commerces under Know Your Business
Kallis have no appetite and, hence, We have zero tolerance for Counterparties who engage in any of the following:
Kallis has no appetite and, hence, zero tolerance for establishing or maintaining a business relationship with an entity or individual designated on any of the below lists or where otherwise prohibited by applicable law or regulation. The company has no appetite to execute transactions relating to any such entity or individual. In particular:
Counterparties (KYB) (or connected to them) for whom, we have identified material Adverse Media are. The scope of the Adverse Media is not limited to allegations or convictions related to criminal activity - bad reputation is enough to raise the Risk level attributed to the client.
Examples include intolerable:
Adverse Media as to: