BPX AML/CTF POLICY

Date of the last revision: 1 August 2018

PART A - GENERAL

Business Elements

1. Introduction

This document is BPX’s Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Program adopted under section 81 of the AML/CTF Act.  BPX carries on the business of a digital currency exchange and provides digital currency exchange services.

The second half of Part A of this document (clauses 11 to 18) and Part B (clauses 19 to 20) both contain the detailed user-dealing procedures to be observed by identified personnel of BPX in opening user accounts and effecting exchange transactions. 

2. AML/CTF commitment

BPX is committed to full compliance with the AML/CTF Act and Rules, and to striving to achieve the objectives of the AML/CTF Act, in an environment where online digital currency exchanges are relatively new enterprises and the full ML/TF ramifications are not fully understood.  As part of that commitment, BPX will review ML/TF risks and the effectiveness of this program during the early years of its operations more frequently than is usual under typical Australian AML/CTF practice (see clauses 4, 7 and 8).

3. AML/CTF program management

BPX’s board of directors must approve any amendment to this program and must oversee compliance with it.  The Managing Director of BPX will report to the compliance committee about compliance at each regular meeting which deals with regulatory compliance matters.

The Managing Director will ensure that at all times a senior officer of BPX is designated and acting as its 'AML/CTF Compliance Officer'.

At the date of this document Ross Honeyman is the AML/CTF Compliance Officer, and the following managers (in order of succession) will act as AML/CTF Compliance officer if the incumbent or another named manager is not actually discharging the duties during office hours:

• Jason Yeates

The AML/CTF Compliance Officer must:

• perform all functions specifically assigned to him/her under this program;
• report any systemic concerns to BPX’s Managing Director and/or board of directors; and
• make recommendations (if any) for improvement of the program to the Managing Director and/or board of directors.

The AML/CTF Compliance Officer must keep records of the discharge of his/her functions under this program.

By 31 March in each year the AML/CTF Compliance Officer must give AUSTRAC a Compliance Report for the previous calendar year. The Compliance Report must be completed on-line at www.austrac.gov.au/online.

The AML/CTF Compliance Officer must also advise AUSTRAC, within 14 days of the change occurring, of changes to BPX's enrolment details (see Chapter 64 of the AML/CTF Rules) and changes in circumstances that could materially affect BPX's registration as a digital currency exchange provider (section 76P of the AML/CTF Act and paragraph 76.18 of the AML/CTF Rules).

4. Independent review of program

This program will be reviewed in accordance with AML/CTF Rule 8.6 no later than intervals of 12 months.  Reports arising from each review must be given to BPX’s board.

5. Employee due diligence program

Any employee or contractor of BPX, and any employee of a contractor, who is directly engaged in the design or operation of BPX's IT systems, the opening of user accounts, the effecting of user transactions or the maintenance of records related to any of those things (a Sensitive Employee) must be subjected to the following 'employee due diligence' (EDD) procedure. 

BPX must, before engagement and at intervals of no more than 24 months:

(a)           check that each Sensitive Employee is not on a Prescribed List;

(b)           conduct a criminal record check, credit check, bankruptcy check and PEP check of each Sensitive Employee;

(c)           upon any material variation of duties of an existing employee (which result in the person remaining or becoming a Sensitive Employee), consider whether any new duties involve greater ML/TF Risk;

(d)           not allow a person to be a Sensitive Employee if the person is on a Prescribed List, has committed a criminal offence involving dishonesty or terrorism, or appears to pose a ML/TF Risk.

BPX must consider whether each Sensitive Employee is suitable having regard to ML/TF Risk.

If any employee fails to comply with a requirement of the AML/CTF Dealing Procedures of this program, the employee must be counselled by his/her supervisor or the AML/CTF Compliance Officer.  In circumstances of repeated or material breach of AML/CTF Dealing Procedures, BPX may take, or direct a contractor to take, more stringent action including dismissal of the employee if appropriate.

6. Risk awareness training program

Training will be given to each Sensitive Employee on employment or engagement and again at no longer than 12 monthly intervals.  Training will encompass an understanding of ML/TF Risk and how to identify it, the procedural requirements of this program and other specific requirements of the AML/CTF Act (eg suspicious matter reporting).

Training will be also refreshed upon a material increase in duties, a material change in this program and a material or repeated instance of non-compliance with this program.

The AML/CTF Compliance Officer will remain up-to-date with the above training and will maintain higher expertise in ML/TF Risk and the purpose and requirements of the AML/CTF Act and Rules.

7. Risk assessment - existing designated services

BPX has assessed the ML/TF Risks in its business operations in accordance with AML/CTF Rule 8.1.3 and considers that:

• Account opening and exchange transacting;
• BPX's customer engagement and transacting procedures; and
• all associated systems and technologies,

inherently do not pose a high ML/TF Risk.^[1]  

BPX is committed to keeping its risk assessment of its existing services under continuing review during the early years of its operations and, accordingly, will conduct a fresh full risk assessment after each of 6, 12 and 18 months after commencement of operations.  BPX will promptly consider the results of such assessments with a view to updating the effectiveness of this program, if practicable.

8. Risk assessment - proposed new investment offering or procedure

Prior to a material variation to BPX's account opening or exchange transacting procedures, or the offering of new services or the promotion of services in new markets or jurisdictions, BPX will assess:

• the inherent ML/TF Risk of that proposed new procedure, product or channel; and
• the ML/TF Risk in circumstances and with types of users which can be anticipated,

in order to consider whether any amendment to this program is desirable to materially improve the prospect of identifying, managing or mitigating ML/TF Risk. 

9. Relationship with AUSTRAC

Subject to any other legal requirements, BPX will conduct all dealings with officers of AUSTRAC promptly and in good faith.

All written requests, suggestions and comments by AUSTRAC, whether or not made pursuant to a specific statutory power of AUSTRAC, will be carefully considered by the AML/CTF Compliance Officer and, if he/she so decides or if AUSTRAC so requests in writing, also by the board of directors of BPX.

10. Record-keeping

In order to promote systemic compliance with Division 2 of Part 10 of the AML/CTF Act, BPX will ensure that all application forms, identity-related documentation (as set out in Annexure A), transaction documents, trading records and documents created or collected to comply with this program are kept for at least 7 years after the relevant user has ceased to be an user.

User Elements

11. Simplified outline of user-dealing procedures

In summary, the AML/CTF Dealing Procedures (clauses 11 to 20) require^[2]:

(a)         Customer (user) identification and verification as required by the Act (see clause 18);

(b)         Risk rating (see clause 12);

(c)         Transaction monitoring (see clause 13);

(d)         Possibly further KYC information (see clause 14), if required by this program;

(e)         Possibly enhanced CDD (see clause 15), if required by this program;

(f)          Suspicious matter reporting (see clause 16);

(g)         Reverification of identity if reasonable doubt about identity (see clause 20).

12. Risk Rating

Unless this program or a decision made under this program requires otherwise, all users and known Beneficial Owners will be automatically rated as 'Low Risk'.^[3]   An user or Beneficial Owner will be considered to be 'High Risk' if listed in the BPX ML/TF Risk Register.

A user or known Beneficial Owner will be listed in the BPX ML/TF Risk Register if:

• one or more of the following Risk Factors applies:

-                  the person is a resident or citizen of, or is associated with an entity in, a non-FATF compliant jurisdiction;

-                  the person is a known criminal record holder or is known to have engaged in ML/TF;

-                  the person's funds have been received other than by transfer from a financial institution in a FATF compliant jurisdiction or by Australian cheque;

-                  a Suspicious Matter Report has been lodged about him/her in the last 3 years;

• the person is a Politically Exposed Person; or
• AML/CTF Compliance Officer decides that doing business with the person involves materially greater ML/TF Risk than usual. 

13. Transaction monitoring

The AML/CTF Compliance Officer will monitor the opening of all accounts by an user and the lodgement of orders by an user with a view to identifying mitigating and managing the risk that the investment might involve or facilitate money laundering or terrorism financing.  The AML/CTF Compliance Officer will do so by looking for

• unusual patterns of transactions, including transactions with no apparent economic purpose;
• unusual circumstances;
• any apparent or reasonably conceivable change to the nature or purpose of the user’s business relationship with BPX;
• changes to digital currency trading patterns coinciding with changes in Beneficial Ownership or control structures of the user; and
• any appearance or reasonable inference that the user is acting for or under the influence of another person,

prompted in part by the reports set out below.

In reviewing transactions generally, the AML/CTF Compliance Officer will consider whether it is appropriate to:

• lodge Suspicious Matter Reports;
• add a person to the ML/TF Risk Register (i.e. re-classification of a person to High Risk);
• seek further KYC information (see section 14); or
• propose to BPX’s board the modification of this program.

Reports to be prepared for the AML/CTF Compliance Officer (some to be prepared by VixVerify):

(a)         weekly report of all customer transactions over A$10,000 in value;

(b)         weekly report of BPX account withdrawals remitted to customer bank account in a jurisdiction other than jurisdiction of residence of the customer;

(c)         weekly report of BPX account withdrawals remitted to customer bank account in currency other than the currency of jurisdiction of residence of the customer;

(d)         weekly report of accounts opened that involved delays or difficulties due to the nature of the identity documents;

(e)         weekly report showing customers whose identity verification has used non-FATF compliant jurisdictions identity documents;

(f)          weekly report from each customer interfacing officer about unusual customer requests, eg to make a cash deposit;

(g)         weekly report of customers requesting password re-set due to lost or forgotten password;

(h)         report of adverse results of a check of names of users and known Beneficial Owners against the World Check database;

(i)          report of each transaction by a PEP or High Risk user or an user associated with a High Risk known Beneficial Owner (as identified in the Risk Register).

14. Further KYC information

In addition to the standard collection of KYC information (see clause 19) or re-verification (see clause 20), additional KYC information will be collected in two circumstances:

• upon classification of an user (or one of its associated known Beneficial Owners) as High Risk;
• an user is the subject of a transaction monitoring report type (b), (c), (d) or (e) referred to in clause 13 (even if the report did not result in a reclassified Risk Rating).

In those circumstances the following further KYC information will be sought by direct request to the user.  If a satisfactory response is not received, the AML/CTF Compliance Officer must contemplate making a Suspicious Matter Report.

Types of information

• for an individual - any maiden name or former name;
• for an individual - countries of citizenship and residence;
• for an individual - occupation and employer or business activity;
• for non-individuals – the locations of business offices and jurisdictions of business activity;
• for non-individuals – the control structure of the user including (as appropriate) details of senior managing officials, holders of 25% or more voting rights or powers of veto and individuals who hold power to appoint or remove trustees;
• for foreign companies - whether the company is registered in Australia with ASIC as a foreign company;
• for all - the source of the user’s and Beneficial Owner’s funds & wealth;
• for all - Beneficial Ownership information.

More generally, the AML/CTF Compliance Officer shall seek to gain some insight into the circumstances, motivation and methods of the user.

15. Enhanced Customer Due Diligence (ECDD)

If an user is classified as High Risk or if any suspicion has arisen about an user or Beneficial Owner, the AML/CTF Compliance Officer must consider whether any useful purpose would be served by taking any of the following steps, and must in any event take one or more of such steps (ECDD):

• Endeavour to obtain further or updated KYC information, as set out at clause 14 to the extent not already obtained, or seek to obtain such information from sources other than the user or Beneficial Owner;
• Undertake more detailed analysis;
• Pursue verification or re-verification of information;
• Undertake specific transaction monitoring or analysis;
• Liaise with a relevant regulator or law enforcement authority.

In addition, a Suspicious Matter Report must be lodged if necessary.

More generally, an user or Beneficial Owner subject to ECDD should be constantly monitored by the AML/CTF Compliance Officer with a view to considering any suspicions which are relevant to ML/TF Risk.  Such contemplation will not be limited to specific aspects, but will be holistic and draw upon the AML/CTF Compliance Officer’s training in identifying ML/TF Risk.

16. Suspicious Matter Reports

The AML/CTF Compliance Officer will lodge Suspicious Matter Reports (containing the information required by AML/CTF Rule 18.2 to the maximum extent possible) as required by section 41 of the AML/CTF Act.

In simple terms, that means lodging a report when the AML/CTF Compliance Officer or a senior staff member suspects on reasonable grounds:

• that an user is not the person who they claim to be, or that an officer of a non-individual user is not the person the officer claims to be;
• that information concerning account opening or exchange transacting may be relevant to the investigation or prosecution of evasion of State, Territory or federal taxation law, or of an offence against a law of the Commonwealth or of a State or Territory, or may be of assistance to enforcement of the Proceeds of Crime Act 2002 (Cth) or of a corresponding State or Territory law;
• that account opening or exchange transacting is preparatory to a financing of terrorism offence, or that the information may be relevant to the investigation or prosecution of an offence of financing of terrorism;
• that account opening or exchange transacting is preparatory to the commission of an offence of money laundering, or that the information may be relevant to the investigation or prosecution of a money laundering offence.

If a staff member forms the suspicion, he/she must notify the AML/CTF Compliance Officer who will lodge the report.  Because of section 123 of the AML/CTF Act (offence of tipping off), the Officer cannot tell the staff member that he/she shares the suspicion or has lodged a report. 

17. Special High Risk users

(a)        Senior management approval

If an user or an associated Beneficial Owner is identified as a Foreign Politically Exposed Person, the AML/CTF Compliance Officer must ensure that the user and all known information is referred to BPX’s Managing Director for a decision on whether to establish or continue a business relationship with the user.

(b)         Ceasing to deal

The AML/CTF Compliance Officer should consider whether a High Risk user who is known or suspected to have engaged in money laundering or terrorism financing, or is currently at extreme ML/TF risk, should have his/her/its BPX account closed.

BPX will not open accounts, or allow accounts to remain open, for a person whom it becomes aware is on a Prescribed List and should not be dealt with under Australia’s terrorism legislation (DFAT list, Charter of the United Nations (Terrorism and Dealings with Assets) Regulations 2002).

18. Definitions

The following terms have the following meanings:

AML/CTF Act	means the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
AML/CTF Dealing Procedures	means clauses 11 to 20 of this program.
AML/CTF Rules	means rules made by AUSTRAC under the AML/CTF Act.
Beneficial Owner	means an individual who ultimately owns or controls (directly or indirectly) an user (within the extended meaning in paragraph 1.2.1 of the AML/CTF Rules, including owners of interests of 25% or more).
Beneficial Ownership Information	means the full name, date of birth, full residential address and PEP status of each Beneficial Owner of the user.
Designated service	has the same meaning as in the AML/CTF Act,
FATF	means the Financial Action Task Force on Money Laundering.
FATF compliant	means a jurisdiction that has AML/CTF laws that are generally regarded as meeting FATF standards (see AUSTAC website).
ML/TF Risk	means money laundering or terrorism financing risk.
ML/TF Risk Register	means an electronic database (or flags and notes in an existing database such as an account register) about users which records Risk Information and records current Risk Ratings.
Officer	includes any person acting in that role.
Passport	means a passport or similar document for the purpose of identity for international travel issued by a national government.
Politically Exposed Person	means an individual who holds a prominent public position or function in a government body (local, state, territory, national or foreign) or an international organisation (for example Heads of State or of government, senior politicians, senior government, judicial or military officials, senior executives of state owned corporations, important political party officials) or an immediate family member of such an individual or a person who has joint ownership of an entity or assets with such an individual.
Prescribed List	means the list of terrorists or persons subject to sanctions maintained by the Department of Foreign Affairs & Trade or the Reserve Bank of Australia or the positive results generated by the WorldCheck database.
Risk Information	means information about attributes or 'Risk Factors' set out in clause 12.
Risk Rating	means a rating of 'Low Risk' or 'High Risk' assigned to an user or a Beneficial Owner under clause 12, which is reflected in the ML/TF Risk Register in respect of the user.
User	means a proposed customer or a customer of BPX who seeks to open or has an account with BPX.

 

PART B - CUSTOMER IDENTIFICATION

19. Customer (user) identification and verification 

19.1        Identification

New users must be identified as follows before a BPX account is opened. 

The user will be required to provide the following attributes, on its application form (Basic KYC Attributes).  Details of the Basic KYC Attributes must be recorded by BPX.

(a)         Individual applicant(s)

Full name, nationality, residential address and date of birth and a declaration as to whether he or she is a Politically Exposed Person.

If the applicant is foreign, BPX must also check an appropriate database to identify whether the applicant is a Politically Exposed Person.

(b)         Corporate applicant(s)

Full corporate name, full Australian registered office address^[4], full address of principal place of business in Australia, ACN or ARBN (or foreign regulator registration identifier), proprietary/private or public status.  If a proprietary or private company (and not a regulated company), also the full name of each director and the name, date of birth and full residential address of any individual who owns more than 25% of the issued capital.  Also, if foreign, country of incorporation and Australian local agent (if any).

A corporation must identify a single representative or joint representatives to act on behalf of the corporation.

(c)         Trustee(s)

Full name of the trust, type of trust, country of establishment of trust, business name of trustee (if any), full details of the trustees (as above) according to whether each trustee is an individual or corporation and Beneficial Ownership Information of any identifiable Beneficial Owners.  Also, unless the trust is a registered MIS (ie has an ARSN), an unregistered (wholesale client) MIS, an APRA regulated trust or a government superannuation fund established by legislation, the full name of each beneficiary of the trust (or if unascertainable because of a class of beneficiaries, details of that class to the extent practical, eg identify 'family members of x') and the name of the settlor of the trust if alive and the settlement sum is $10,000 or more, from a copy of the trust deed or a sufficient extract.

(d)         Custodians and nominee companies

Corporate details of custodian or nominee company (see 'corporate applicants'), AFSL (or foreign equivalent licence) number and name of beneficiary/beneficiaries.

(e)         Partnerships, associations, co-operatives, government bodies

Minimum KYC information as set out in AML/CTF Rules (not set out here as those entity types are not usual for BPX).  If occasion arises, refer to Annexure A and confer with the AML/CTF Compliance Officer.

(f)          High Risk applicants – additional information

Where an applicant is considered High Risk at the time of application, also obtain from the applicant its/his/her business activity or occupation and employer.

19.2        Verification

An user’s identity must be verified and the method of verification must be recorded.

'Verification' requires verification of some of an user’s Basic KYC Attributes (as follows).  To the extent that the information to be verified is that about an individual or not fully prescribed below, verification must occur by a means set out in Annexure A: ^[5]

(a)         Individual applicant(s)

(i)          Full name; and

(ii)         Residential address OR date of birth.

(b)         Corporate applicant(s)

(i)          Existence of corporation* -  corporate name, ACN or ARBN (or foreign regulator registration identifier), proprietary/private or public status;

(ii)         Name and address of each beneficial owner of a proprietary or private company, unless it is licensed by a government regulator (eg an AFSL holder regulated by ASIC, an ADI regulated by APRA, an energy retailer regulated by AER). 

*If the entity is a domestic listed company, a majority owned subsidiary of a domestic listed company or is licensed by a government regulator, a search of ASIC, ASX or the regulator’s database is adequate.  Otherwise, a search of the database of ASIC or the foreign corporate regulator is sufficient if the applicant is Low Risk.  If High Risk, independent and reliable documentation from a financial institution of which the applicant is a client is required.

(c)         Trustee(s)

Verification by a document issued by, or downloadable from a website of, ASIC, ATO or another reliable governmental sources that the trust is a registered MIS (ie has an ARSN), an unregistered (wholesale client) MIS, an APRA regulated trust or a government superannuation fund established by legislation.

Otherwise, verification of the full name of the trust by sighting an original or certified copy of the trust deed or a ATO notice of assessment for the trust issued within the last 12 months, verification of trustees to the extent and in the manner set out above according to whether each trustee is an individual or corporation, and the full name of each beneficiary of the trust (or if unascertainable because of a class of beneficiaries, details of that class from the deed and supporting documentation).

(d)         Custodians and nominee companies

Sight copy of AFSL (or foreign equivalent licence to act as a custodian) or check authorised activities (ie that include custody) on ASIC’s AFSL Register.  If the custodian or nominee company is not an Australian company, also verification as required for a 'corporate applicant' (see above).

(e)         Partnerships, associations, co-operatives, government bodies

As set out as minimum requirements in AML/CTF Rules (not set out here as those entity types are not usual for BPX).  If occasion arises, refer to Annexure A and confer with the AML/CTF Compliance Officer.

19.3        Discrepancies

Any discernible discrepancy between a claimed identity and the offered documentation must be recorded and, if it relates to a circumstance other than a change of name on marriage or an obvious typographical error, must be subject to further enquiry of the user (and a record kept).  Such matter should be referred to the AML/CTF Compliance Officer.

19.4        Agent to conduct verification

BPX may authorise or allow a person to conduct identification and verification, on its behalf, in accordance with this program if the agent is itself a reporting entity (regardless of the type of designated services which it provides) or is the equivalent under a foreign regime which conforms to the FATF principles and the person contractually commits to keeping its records available to BPX.

20. Reverification of identity

Where BPX suspects on reasonable grounds that a user is not the person which/who it/he/she claims to be, the user must be flagged or identified on the Risk Register as an user to be re-verified within 14 days, and the AML/CTF Compliance Officer should consider whether to seek to obtain further KYC information under clause 14.

Where the user is a client of a 'financial planner' (within the meaning in the Guidance Note) which introduced the user, the AML/CTF Compliance Officer will make contact through the financial planner to the extent feasible.

Annexure A        Customer identification and verification detail

(Based on FSC/FPA Guidance Note 'Managing mutual obligations under Chapter 7 of the Anti-Money Laundering and Counter-Terrorism Financing Rules (Schedule 1 to Schedule 8))

*For use for Low Risk applicants

Schedule 1                  Individuals

Where the customer is an individual, BPX must be reasonably satisfied that the individual is the person that they claim to be.

1. Collect

(a)         Full name;

(b)         Date of birth; and

(c)         Residential address

Also, collect the following for sole traders:

(d)         Full business name (if any);

(e)         Full address of the principal place of business (if any); and

(f)          ABN (if any)

2. Verify

(a)         Full name; and

(b)         Either date of birth or residential address.

3. Verification method

3.1        Standard Customer Verification Procedure

The following procedure should be conducted in all cases, where possible:

Australian Documentation

Foreign Documentation

Original or certified copy* of a current: •                  Australian driver’s licence containing a photograph of the person; or •                  Australian Passport[6]; or •                  Card issued under a law of a State or Territory for the purpose of proving a person’s age which contains a photograph of the person in whose name the document is issued.

•                  Original or certified copy* of a current: •                  Foreign passport or similar document issued for the purpose of international travel, that contains a photograph and the signature of the person in whose name the document is issued Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator

*See Schedule 8 on what can be a certified copy or extract of a document.

3.2        Non-Standard Customer Verification Procedure

The following procedure should only be conducted where:

(a)         A standard customer verification procedure is unable to be conducted; or

(b)         BPX forms the view that a discrepancy arose from the information collected and verified using the standard customer verification procedure; or

(c)         Having conducted the standard customer verification procedure, BPX is not reasonably satisfied that the customer is the individual he or she claims to be.

Australian Documentation

Foreign Documentation

An original or certified copy* of: •                  Australian birth certificate; or •                  Australian citizenship certificate; or •                  Pension card issued by Centrelink; or •                  Healthcare card issued by Centrelink; and •                  An original notice issued to an individual, or a kind listed below, that contains the name of the individual and his or her residential address: -                  Issued by the Commonwealth or a State or Territory within the preceding 12 months that records the provision of financial benefits to the individual; or -                  Issued by the Australian Taxation Office within the preceding 12 months that records a debt payable to or by the individual by or to the Commonwealth under a taxation law; or -                  Issued by a local government body or utilities provider within the preceding 3 months that records the provision of services to that address or to that person; or •                  If the customer is under the age of 18, a note that: -                  Was issued to by a school principal within the preceding three months; -                  Contains the name of the customer and his or her residential address; and -                  Records the period of time that the customer attended at the school.

In general, BPX should be cautious about arranging for the provision of a product or service for a customer that presents foreign-based identification other than a foreign passport. However, in the event the customer has not presented a foreign passport, an example of an acceptable 'non-standard foreign documentation customer verification procedure' would be based on: An original or certified copy* of a current: •                  National Identity Card issued by a foreign government containing a photograph and signature of the person in whose name the card is issued; and •                  Foreign driver’s licence that contains a photograph of the person in whose name it was issued. Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited interpreter.

*See Schedule 8 on what can be a certified copy or extract of a document.

Schedule 2                  Companies

1. Collect the following

Australian company	Foreign company registered by ASIC	Foreign company not registered by ASIC
The full name of the company as registered by ASIC		The full name of the company
N/A	The country in which the company was formed, incorporated or registered
N/A	Whether the company is registered by the relevant foreign registration body
N/A	If the company is registered by the relevant foreign registration body, the name of the relevant foreign registration body
The full address of the company’s registered office in Australia		If the company is registered by the relevant foreign registration body, the full address of the company in its country of formation, incorporation or registration as registered by the relevant foreign registration body. OR
The full address of the company’s principal place of business, if any	The full address of the company’s principal place of business in Australia (if any) or the full name and address of the company’s local agent in Australia (if any)	If the company is not registered by the relevant foreign registration body, the full address of the principal place of business of the company in its country of formation or incorporation.
The ACN issued to the company	The ARBN issued to the company	If the company is registered by the relevant foreign registration body, any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration.
Whether the company is registered by ASIC as proprietary or public company	If the company is registered by the relevant foreign registration body, whether it is registered as a private or public company or some other type of company by the relevant foreign registration body.
If the company is registered as a proprietary company, the name of each of the directors of the company	If the company is registered as a private company by the relevant foreign registration body, the name of each director of the company
Unless the company is an Australian listed company (or a subsidiary of one) or a regulated company, the full name, date of birth and full residential address of each Beneficial Owner.
If the company is a regulated company, the name of the regulator and details of the relevant licence.
If the company is a proprietary company and is not a regulated company, the name and residential address of any individual who owns through one or more shareholdings more than 25% of the issued capital of the company.	If the company is a proprietary or private company and is not a regulated company, the name and residential address of any individual who owns through one or more shareholdings more than 25% of the issued capital of the company.
If the company is a majority-owned subsidiary of an Australian listed company, the name of the Australian listed company and the name of the relevant market/exchange.
If the company is a listed company, the name of the relevant market/exchange.

2. Verify the following:

(if the company falls into more than one company type, choose one of the relevant company types and verify all of the requirements for that type):

Company type	Verify the following information
Australian company	The full name of the company as registered by ASIC. Whether the company is registered by ASIC as a proprietary or public company. The ACN issued to the company.
Foreign company registered by ASIC	The full name of the company as registered by ASIC. Whether the company is registered by the relevant foreign registration body, and if so whether it is registered as a private or public company. The ARBN issued to the company.
Foreign company not registered by ASIC	The full name of the company. Whether the company is registered by the relevant foreign registration body and if so: •                  any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration; and •                  whether the company is registered as a private or public company.
Listed company (foreign or Australian)	That the company is a listed company
Majority-owned subsidiary (foreign or Australian) of an Australian listed company	That the company is a majority owned subsidiary of an Australian listed company.
Regulated company (foreign or Australian)	That the company is a regulated company.

3. Verification Method:

(use one or more of the verification methods set out below for the company type chosen in item 2 of this Schedule):

Australian company Foreign company registered with ASIC	Foreign company not registered with ASIC	Listed company Majority owned subsidiary of an Australian listed company Regulated company
A search of the ASIC database. If the ASIC database is not reasonably available, an original or certified copy* of a certificate of registration issued by ASIC	A search of the relevant foreign registration body. If that source is not reasonably available, an original or certified copy* of a certificate of registration (or equivalent) issued by the relevant foreign registration body. If it is not possible to verify the company from either or both of the above, a disclosure certificate from the company given by an agent of the company verified in accordance with Schedule 1	A search of the relevant financial market. A search of the ASIC database. A search of the licence or other records of the relevant Commonwealth, State or Territory statutory regulator.   A public document issued by the relevant company.
Non-English documents: Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.

* See Schedule 8 on what can be a certified copy or extract of a document.

4. Definitions for this Schedule:

Australian company means a company (other than a foreign company) that is registered by ASIC under the Corporations Act 2001.

Australian financial market means a financial market operated by:

(a)         Australia Pacific Exchange Limited;

(b)         Australian Securities Exchange Limited;

(c)         Bendigo Stock Exchange Limited;

(d)         Stock Exchange of Newcastle Limited; or

(e)         any other prescribed financial markets for the purposes of section 9 of the Corporations Act 2001 (Cth), as amended or replaced from time to time.

Australian listed company means an Australian company that is a public company included in the official list of an Australian financial market.

Foreign company means a company that is incorporated in a country other than Australia and its Territories.

Listed company means:

(a)         and Australian listed company;

(b)         a foreign company registered with ASIC that is a company included in the official list of an Australian financial market; or

(c)         a foreign company (whether or not registered with ASIC) that is a company whose shares, in whole or in part, are listed for quotation in the official list of any of the following financial markets:

•                  American Stock Exchange	•                  NASDAQ National Market
•                  Borsa Italiana	•                  New York Stock Exchange
•                  Bourse de Paris	•                  New Zealand Stock Exchange
•                  Bursa Malaysia Main Board and Bursa Malaysia Second Board	•                  Stock Exchange of Singapore •                  SWX Swiss Exchange
•                  Eurex Amsterdam	•                  Tokyo Stock Exchange
•                  Frankfurt Stock Exchange	•                  Toronto Stock Exchange
•                  Hong Kong Stock Exchange •                  JSE Securities Exchange •                  London Stock Exchange

Public company includes any foreign company that is a listed company and not a private company.

Public document has the meaning given to that term in the Corporations Act 2001 (Cth).  It includes, for example, an annual report, prospectus, or product disclosure statement issued by the relevant company.

Regulated company means a company (whether Australian or foreign) that is licensed and subject to the regulatory oversight of a Commonwealth, State or Territory statutory regulator in relation to its activities as a company, including a company that:

(a)         has an Australian financial services licence (AFSL); or

(b)         is regulated by the Australian Prudential Regulation Authority.

Schedule 3                  Trusts and Trustees

1. Collect the following information

(if the trust falls unto more that one trust type, choose one of the relevant trust types and collect all of the requirements for that type):

Registered scheme Regulated trust Government superannuation fund	Any other trust (including custodian or nominee company*) *See below for simplified explanation
Full name of the trust
Full business name (if any) of the trustee in respect of the trust
The type of trust
The country in which the trust was established
If the trust is a registered scheme, the scheme’s ARSN. If the trust is a regulated trust, the name of the regulator and relevant ABN, registration/licensing details. If the trust is a government superannuation fund established under legislation, the name of that legislation.	Full name of each beneficiary AND/OR If the terms of the trust identify the beneficiaries by reference to membership of a class – details of the class
	Full name and residential address of each trustee who is an individual
	Full name and address of each trustee who is not an individual
	Full name, date of birth and full residential address of each identifiable Beneficial Owner
	Name of settlor of trust if he or she is alive and settlement sum was $10,000 or more
In respect of one of the trustees (identified trustee), the information required to be collected for an individual under Schedule 1 or for a company under Schedule 2, as applicable.

2. Verify the following

(if the trust falls into more than one trust type, choose one of the relevant trust types and verify all of the requirements for that type):

 

Registered scheme Regulated trust Government superannuation fund	Any other trust (including custodian or nominee company)
The full name of the trust. That the trust is a registered scheme, regulated trust or government superannuation fund, as applicable.	The full name of the trust. In respect of the identified trustee, the information required to be verified for an individual under Schedule 1 or for a company under Schedule 2, as applicable.

3. Verification method

(use one or more of the verification methods set out below for the trust type chosen in item 2 of this Schedule):

Registered scheme Regulated trust Government superannuation fund	Any other trust (including custodian or nominee company)
A search of the ASIC, ATO or relevant regulator’s website (eg. 'Super Fund Lookup' at www.abn.business.gov.au). A copy or relevant extract of the legislation establishing the government superannuation fund sourced from a government website.	In relation to the name of the trust: •                  an original, certified copy* or certified extract* of the trust deed or document (including, in the case of an extract, the part containing the name of the settlor and the settlement sum); or •                  a notice (such as a notice of assessment) issued by the Australian Taxation Office within the last 12 months; or •                  a letter from a solicitor or qualified accountant verifying the name of the trust; or •                  details of a custodian’s AFSL (or foreign equivalent).
N/A	In relation to the identified trustee, the methods of verification for an individual under Schedule 1 or for a company under Schedule 2, as applicable.

Non-English documents

Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.

* See Schedule 8 on what can be a certified copy or extract of a document.

4. Definitions for this Schedule

Registered scheme means a trust that is a managed investment scheme registered by ASIC.

Regulated trust means a trust that is:

(a)         a self-managed superannuation fund within the meaning of section 19 of the Superannuation Industry (Supervision) Act 1993 (Cth), the relevant regulator is the Australian Taxation Office;

(b)         a regulated superannuation fund, an approved deposit fund, a pooled superannuation trust, or a public sector superannuation scheme, within the meaning of the Superannuation Industry (Supervision) Act 1993 (Cth), including small APRA-regulated funds, the relevant regulator is the Australian Prudential Regulation Authority; or

(c)         any other trust that BPX identifies as a trust that is registered and subject to regulatory oversight of a Commonwealth statutory regulator in relation to its activities as a trust.

Government superannuation fund means a government superannuation fund established by legislation.

Membership of a class includes for example unit holders of the relevant trust, family members of a named person/s etc.

SIMPLIFIED PROCEDURE FOR CUSTODIAN OR NOMINEE COMPANY WITH AFSL OR FOREIGN EQUIVALENT

Collect

• Name of custodian or nominee company, jurisdiction, address, company number and licence number.
• Full name of immediate beneficiary.

Verify

Verification of the custodian’s AFSL (or foreign equivalent).

The above is not sufficient if the jurisdiction is a 'FATF Blacklist' jurisdiction.

Schedule 4                  Partnerships

1. Collect the information required in both columns below

Information about the Partnership

Information about one Partner (Verified Partner)

•                  Full name of the partnership. •                  Full registered business name and/or trading name (if any) of the partnership. •                  The country in which the partnership was established. •                  If the partnership is regulated by a professional association, the name of the professional association and relevant membership details. •                  If the partnership is not regulated by a professional association, the full name and residential address of each partner in the partnership.

For at least one of the partners, information required for an Individual as outline in Schedule 1.

2. Verify all of the information required in both columns below

Information about the Partnership	Information about verified partner
Full name of the partnership. If the partnership is regulated by a professional association, membership of that professional association.	Information as required for an Individual outlined in Schedule 1.

3. Verification method

Verification of information about the partnership	Verification of information about one partner (Verified partner)
In relation to the name of the partnership: •                  An original partnership agreement; or •                  A certified copy* or certified extract* of the partnership agreement; or •                  A certified copy* or certified extract* of minutes of a partnership meeting; or •                  Membership details independently sourced from the current membership directory of the relevant professional association; or •                  A search of the relevant ASIC or other regulator’s database; or •                  A notice (such as a notice of assessment) issued by the Australian Taxation Office within the last 12 months; or •                  An original or certified copy* of a certificate of registration of business name issued by a government or government agency in Australia; or •                  A letter from a solicitor or qualified accountant verifying the name and existence of the entity. In relation to the partnership’s membership of a professional association, membership details independently sourced from the current membership directory of the relevant association.	Verification procedures as outlined in standard customer verification procedures in Schedule 1: Individuals.
Non-English documents Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.

* See Schedule 8 on what can be a certified copy or extract of a document.

Schedule 5                  Associations

1. Collect

Information about an Incorporated Association	Information about an Unincorporated Association
Full name of the association
One of the following: •                  the full address of the association’s principal place of administration; or •                  the full address of the association’s registered office (if any); or •                  the full name and residential address of the association’s public officer (or of the president, secretary or treasurer, if no public officer).	Full address of the association’s principal place of administration (if any).
Full name of the chairman, secretary and treasurer (or equivalent officers)
Any unique identification number issued upon incorporation by the relevant registration body.	In respect of a member of the unincorporated association (verified member), information required for an Individual as outlined in Schedule 1.

2. Verify

Information about an Incorporated Association	Information about an Unincorporated Association
Full name of the association; and Any unique identification number.	Full name of the association; and In respect of the 'verified member', information as required for an individual as outlined in Schedule 1.

3. Verification method

The following procedure should be conducted in all cases, where possible:

Incorporated Association	Unincorporated Association
•                  An original, certified copy* or certified extract* of the Constitution or Rules of the association; or •                  Information provided by ASIC or the government body responsible for the incorporation of the association.	•                  An original, certified copy* or certified extract* of the Constitution or Rules of the association; or •                  In relation to the 'verified member' verification procedures as required for an individual as outlined in Schedule 1.
Non-English documents Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.

* See Schedule 8 on what can be a certified copy or extract of a document.

Schedule 6                  Registered Co-operatives

1. Collect

(a)         Full name of the registered co-operative; and

(b)         Full name of the chairman, secretary and treasurer or equivalent officer in each case; and

(c)         One of the following:

(i)          Full address of the co-operative’s registered office; or

(ii)         Full address of the co-operative’s principal place of operations (if any); or

(iii)        Full name and residential address of the co-operative’s secretary (or if there is no such person, the co-operative’s president or treasurer); and

(iv)        Any unique identification number issued upon its registration by the relevant registration body.

2. Verify

(a)         Full name of the registered co-operative; and

(b)         Any unique identification number issued to the co-operative upon registration.

3. Verification method

One or more of the following sources must be used to verify the required information:

(a)         An original, certified copy* or certified extract* of the register maintained by the co-operative; or

(b)         Information provided by ASIC or the government body responsible for the registration of the co-operative.

Non-English documents

Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.

Schedule 7                  Government bodies

1. Collect

(a)         Full name of the government body; and

(b)         Full address of the government body’s principal place of operations; and

(c)         Whether the government body is a body of:

(i)          the Commonwealth of Australia; or

(ii)         a State, Territory or a Foreign Country (and if so, the name of the relevant State, Territory of Foreign Country).

2. Verify

(a)         Full name of the government body;

(b)         Full address of the government body’s principal place of operations; and

(c)         Whether the government body is a body of:

(i)          the Commonwealth of Australia; or

(ii)         a State, Territory or a Foreign Country (and if so, the name of the relevant State, Territory of Foreign Country).

3. Verification method

The following procedure should be conducted in all cases, where possible:

(a)         Search the relevant Commonwealth, State, Territory or Foreign Country website for confirmation of the government body’s existence; or

(b)         Review the relevant Commonwealth, State, Territory or Foreign Country register of government bodies (where available); or

(c)         If the government body is established under legislation, a copy or relevant extract of the legislation obtained from a reliable and independent source, such as a government website.

Non-English documents

Where any document relied on as part of the procedure is in a language that is not English, it must be accompanied by an English translation prepared by an accredited translator.

 

Schedule 8                  Certified copy (of an original document)

Certified copy means a document that has been certified as a true copy of an original document by one of the persons described in paragraphs 1 – 15 below.

Certified extract means an extract that has been certified as a true copy of some of the information contained in a complete original document by one of the persons described in paragraphs 1 – 15 below.

People who can certify document or extracts are:

1. a lawyer – a person who is enrolled on the roll of the Supreme Court of a State or Territory or High Court of Australia, as a legal practitioner (however described);
2. a judge of a court;
3. a magistrate;
4. a chief executive officer of a Commonwealth Court;
5. a registrar or deputy registrar of a court;
6. a Justice of the Peace;
7. a notary public (for the purposes of the Statutory Declaration Regulations 1993);
8. a police officer;
9. a postal agent – an agent of the Australian Postal Corporation who is in charge of an office supplying postal services to the public;
10. the post office – a permanent employee of the Australian Postal Corporation with 2 or more years of continuous service who is employed in an office supplying postal services to the public;
11. an Australian consular officer or an Australian diplomatic officer (within the meaning of the Consular Fees Act 1955);
12. an officer with 2 or more years continuous service with one or more financial institutions (for the purposes of the Statutory Declarations Regulations 1993);
13. a finance company officer with 2 or more continuous years of service with one or more financial companies (for the purposes of the Statutory Declarations Regulations 1993);
14. an officer with, or authorised representative of, a holder of an Australian financial services licence, having 2 or more continuous years of service with one or more licensees; and
15. an accountant – a member of the Institute of Chartered Accountants in Australia, CPA Australia or the National Institute of Accountants with 2 or more years of continuous membership.

 

^[1] Rather, any material risks would arise by a combination of the circumstances and the identity and motivations of the relevant user and any associates.  Accordingly, this program seeks to focus on relevant combinations of such factors, to the extent that they can be reasonably discerned by BPX.  This view of inherent risk takes into account the prudent administrative procedures of BPX which include aspects such as careful scrutiny of account opening documentation, no handling of cash and a prohibition on remitting withdrawal moneys to third party bank accounts.  BPX’s procedures will meet international best-practice for administration of accounts with financial institutions.

^[2] No ‘threshold transaction’ reports will be required because BPX will not handle cash (this includes not accepting mandate instructions accompanied by cash).  Item (a) satisfies Division 2 of Part 2 of the Act.  Items (c) to (e) constitute ‘ongoing customer due diligence’ within the meaning of section 36 of the Act.

^[3] This is the ‘default’ rating.  ‘Low risk’ is a concept of relativity among the risks faced by BPX, not a view that in abstract any particular person inherently poses a low risk in an absolute sense.

^[4] Foreign companies carrying on business in Australia must register with ASIC.  There are some exceptions, but a company that is a regular ‘user’ is unlikely to fall within them.  See clause 14.

^[5] Appendix A is based on the industry model adopted in FSC/FPA Industry Guidance Note No 24 ‘Managing mutual obligations under Chapter 7 of the Anti-Money Laundering and Counter-Terrorism Financing Rules which BPX has considered and regards as appropriate for Low Risk users, given the ML/TF Risks which it might reasonably face.

^[6] It is permissible for a passport issued by the Commonwealth to have expired within the preceding two years.