Back

AML/KYC POLICY

This AML/KYC Policy (hereinafter referred to as the “AML Policy”) determines the procedure implemented by Paily AS, the compаny registered under the registration number 12426661 аt Mааkri street 19/1, Tаllinn, Estoniа (hereinafter referred to as “Paily”), on identification of the Users using the Services of Paily, as well as the procedure for customer due diligence applicable to all Users of the Services and the procedure on monitoring of Users’ transactions associated with the use of the Services.

The AML Policy is enacted in accordance with the Paily General Terms & Conditions (hereinafter referred to as the “Terms”) and Paily Privacy Policy (hereinafter referred to as the “Policy”). The terms and definitions provided for in the Terms and the Policy apply to this AML Policy unless otherwise is provided by the AML Policy.

If the procedure for processing of Data subject’s personal data provided for in the Policy contradicts the procedure of personal data processing provided for in this AML Policy, the procedure of personal data processing provided for in this AML Policy shall apply.

The terms and definitions provided for in the User Agreements enacted in accordance with the Terms apply to this AML Policy unless it contradicts the provisions of the AML Policy or the Terms.

The following terms and definitions shall also apply to this AML Policy:

“KYC” - Know Your Customer procedure, meaning the procedure of identifying the Users of the Services provided by the Terms and the User Agreements.

“CDD” - Customer Due Diligence procedure, meaning the process of collecting User’s credentials to evaluate the risk profile of the User. The CDD includes SDD and EDD.

“SDD” - Simplified Due Diligence procedure, meaning the simplified process of collecting Freelancer’s credentials to evaluate the risk profile of the Freelancer.

“EDD” - Enhanced Due Diligence procedure, meaning the complicated process of collecting Business User’s credentials to evaluate the risk profile of the Business User.

“Transactions monitoring” - the process of monitoring User’s business activity while using the Services of Paily, including monitoring of User’s transactions via the Website or the Applications of

General terms and conditions

1.1. This AML Policy is aimed at compliance with the EU and Estonian legislation countering financing of terrorism, money laundering, and use of financial services for conducting other illegal transactions. All the procedures applied by Paily in accordance with the AML Policy are exclusively for the purpose of security.

1.2. By agreeing to processing of the User’s personal data in accordance with the Policy, the User provides Paily with the consent to use the User’s personal data in accordance with the AML Policy.

1.3. By providing the User with the Client’s personal data in accordance with the Policy, the Client provides Paily with the consent to use the Client’s personal data for the purposes of this AML Policy application.

1.4. This AML Policy does not apply to other categories of Data subjects provided for in the Policy.

1.5. The AML Policy provides for the 3 (three) steps of controlling User’s business activity via the Website and the Applications: 1.5.1. KYC procedure which includes creation of the Account and verification of the Account. 1.5.2. CDD which includes SDD and EDD depending on the type of the User using the Services. 1.5.3. Transactions monitoring.

KYC

2.1. The KYC procedure includes 2 (two) steps: creation of the Account and conversion of the Account into the Verified Account.

2.2. In order to use the Services of Paily, the User or User’s Representative shall create the Account on the Website or one of the Applications. It is not possible to use the Services without the Account.

2.3. In order to create the Account, the User shall provide Paily with a number of personal data that can identify the person using the Services, including the following:

2.3.1. The email address of the User. 2.3.2. The full name of the User (if the User is a Freelancer or a Business User that is a natural person) or User’s Representative (if the User itself is a Business User which is a legal entity). 2.3.3. The date of birth of the User (if the User is a Freelancer or a Business User that is a natural person) or User’s Representative (if the User itself is a Business User which is a legal entity). 2.3.4. The full address of the User. 2.3.5. The telephone number of the User.

2.3.6. The information about User’s field of expertise and competences. 2.3.7. The corporate information about the User, namely provided for in para.4.1.7 of the Policy. 2.3.8. The information about the Representatives of Business Users provided for in para.4.1.8 of the Policy.

2.4. Paily uses the information provided for in para.2.3 of this AML Policy for the following purposes:

2.4.1. Identifying whether the User intending to use the Services is a real natural person or legal entity. 2.4.2. Identifying whether the information about the User provided by the User or User’s Representative matches the publicly available information about the User. 2.4.3. Identifying whether the User or User’s Representative has enough capacity to create the Account and use the Services. 2.4.4. Identifying whether the User’s Representative has enough powers to represent the Business User and create the Account for the purposes of using the Services. 2.4.5. Identifying whether the User’s Representative has enough powers to use Business Service in accordance with the User Agreement of Business Service. 2.4.6. Identifying whether the information about the Representative provided by the Representative matches the publicly available information about the Representative.

2.5. If Paily finds out that the User is not a real natural person or legal entity, or that the information about the User or User’s Representative does not match the publicly available information about the User or the Representative, or that the Representative of the Business User does not have powers to represent the Business User, Paily will block the Account of the User and will refuse to grant access to the Services.

2.6. The User or User’s Representative that created the Account has only limited access to the Services unless the Account is converted into the Verified Account in accordance with the Terms and the Policy. The limited access to the Services provides that the User cannot conduct payment transactions via the Services. The User cannot get the full access to the Services without converting the Account into the Verified Account.

2.7. In order to make the Account the Verified Account, the User or the User’s Representative that created the Account shall pass through the verification process which is organized by GetID acting as the Paily’s Processor in accordance with the Policy.

2.8. Acting as the Processor, GetID collects the following information from Users or Users’ Representatives that created the Account:

2.8.1. The photo of the User’s (if the User is a Freelancer or a Business User that is a natural person) or User’s Representative (if the User itself is a Business User which is a legal entity) face.

2.8.2. The photo of the User’s (if the User is a Freelancer or a Business User that is a natural person) or User Representative’s (if the User itself is a Business User which is a legal entity) ID (passport, driving license, or other type of ID that Paily considers appropriate subject to the laws applicable to the User or User’s Representative).

2.9. Paily uses the information provided for in para.2.8 of this AML Policy for the following purposes:

2.9.1. Identifying whether the User or User’s Representative who created the Account is a real person. 2.9.2. Identifying whether the person in the photo is the User or User’s Representative. 2.9.3. Identifying whether the User or User’s Representative who created the Account is wanted by a government or an international organization. 2.9.4. Identifying whether the User or User’s Representative has earlier been brought to administrative or criminal liability for money laundering, violation of tax law or currency regulations, financing of terrorism, or other violations of public law in the sphere of economics.

2.10. In order to check the information prescribed in para.2.9 of this AML Policy, Paily uses the sources of information that are publicly available, as well as other sources of information that provide the information to Paily in accordance with applicable laws.

2.11. If Paily finds out that the User or User’s Representative is not a real person, or that the person in the photo is not the User or User’s Representative, or that the User or User’s Representative is wanted by a government or an international organization, or that the User or User’s Representative has earlier been brought to administrative or criminal liability for violations of public law in the sphere of economics, Paily will block the Account of the User and will refuse access to the Services. In this case, Paily may also transfer the information about the User or User’s Representative to a governmental authority or an international organization that has the power to bring the User or User’s Representative to liability for violations of law provided for in para.2.9.4 of this AML Policy.

CDD

3.1. The CDD procedure may be the SDD or the EDD depending on the type of the User using the Services. If the User is a Freelancer, SDD applies. If the User is a Business User, EDD applies (even if the Business User is a natural person).

3.2. The CDD is conducted after the User creates the Account within the terms determined by Paily which depend on the circumstances.

3.3. The SDD provides for the check of the following information about the Freelancer:

3.3.1. Whether the email address used by the User for creation of the Account is not a phishing or fake email. In order to check this information, Paily may ask the User to verify the email by clicking the special link sent to the email address of the User. 3.3.2. Whether the telephone number of the User is a real phone number. In order to check this information, Paily may ask the User to type in the special code sent to the phone number of the User in a form of SMS. 3.3.3. Whether the User is the real owner of the bank account or online wallet that was connected by the User to the Account for withdrawing funds from the Balance of the Account. In order to check this information, Paily may ask the User to provide Paily with a copy of the bank statement. 3.3.4. Whether the User resides at the address provided for in the Account. In order to check this information, Paily may ask the User to provide Paily with a copy of a utility bill or a document issued by the local tax authority which includes the information about the address of the User. 3.3.5. Whether the User had earlier had bank accounts that were closed or blocked for suspicious activity, committing fraud, or committing violations of public law in the sphere of economics provided for in para.2.9.4 of this AML Policy. In order to check this information, Paily may use publicly available online databases, as well as mass media materials and the information publicly available on the Internet.

3.4. The EDD provides for the check of the information provided for in para.3.3 of this AML Policy, as well as the verification of the following information:

3.4.1. Whether the Business User had earlier been brought to administrative or criminal liability for violations of public law in the sphere of economics provided for in para.2.9.4 of this AML Policy. In order to check this information, Paily may use publicly available databases, mass media materials, corporate information about the Business User provided by governmental authorities, and other sources of information available via the Internet. 3.4.2. Whether the Business User’s Representatives had earlier been brought to administrative or criminal liability for violations of public law in the sphere of economics provided for in para.2.9.4 of this AML Policy. In order to check this information, Paily may use the sources provided for in para.3.4.1 of this AML Policy. 3.4.3. Whether the Business User or Business User’s Representative had earlier committed fraud. In order to check this information, Paily may use the sources provided for in para.3.4.1 of this AML Policy. 3.4.4. Whether the officers of the Business User which is a legal entity had earlier managed the legal entity that was declared bankrupt due to the suspicious activity of such a legal entity. In order to check this information, Paily may use online databases of court decisions, as well as online databases of governmental authorities. 3.4.5. Whether the officers of the Business User were declared bankrupt due to their suspicious business activity. In order to check this information, Paily may use the sources provided for in para.3.4.4 of this AML Policy.

3.5. Based on the results of the CDD procedure, Paily creates the risk profile of the User used for assessing the use of the Services by the User. According to the risk profiles system, Paily divides Users into 3 (three) risks categories:

3.5.1. Low risk Users. 3.5.2. Medium risk Users. 3.5.3. High risk Users.

3.6. In order to become a Low risk User, the Freelancer shall:

3.6.1. Be able to verify the email address and the telephone number in accordance with paras.3.3.1-3.3.2 of this AML Policy. 3.6.2. Be able to verify the bank account and the address in accordance with paras.3.3.3-3.3.4 of this AML Policy. 3.6.3. Not have bank accounts closed or blocked in accordance with para.3.3.5 of this AML Policy.

3.7. In order to become a Low risk User, the Business User shall comply with the following requirements:

3.7.1. Comply with the requirements provided by paras.3.6.1-3.6.3 of this AML Policy. 3.7.2. The Business User and the Business User’s Representatives shall not be brought to the administrative or criminal liability in accordance with paras.3.4.1-3.4.2 of this AML Policy. 3.7.3. The Business User and the Business User’s Representatives shall not commit fraud in accordance with para.3.4.3 of this AML Policy. 3.7.4. The officers of the Business User shall not be participants of the bankruptcy procedure in accordance with paras.3.4.4-3.4.5 of this AML Policy.

3.8. The User becomes a Medium risk User in case one of the following circumstances takes place:

3.8.1. The address of the User provided in the Account differs from the address of the User displayed in the utility bill or the tax authority document provided in accordance with para.3.3.4 of this AML Policy. 3.8.2. The bank account of the User had earlier been closed or blocked for suspicious activity, but not for committing fraud or committing violations of public law in the sphere of economics provided for in para.2.9.4 of this AML Policy (para.3.3.5 of the AML Policy). 3.8.3. The officers of the Business User had earlier participated in bankruptcy proceedings in accordance with paras.3.4.4-3.4.5 of this AML Policy.

3.9. The User becomes a High risk User in case one of the following circumstances takes place:

3.9.1. The User is not able to verify the email address or the telephone number in accordance with paras.3.3.1-3.3.2 of this AML Policy.

3.9.2. The User cannot provide Paily with a copy of the bank statement in accordance with para.3.3.3 of this AML Policy or the information of the provided bank statement shows that the bank account or online wallet does not belong to the User. 3.9.3. The User cannot provide Paily with a copy of a utility bill or a document issued by the local tax authority which includes the information about the address of the User in accordance with para.3.3.4 of this AML Policy. 3.9.4. The User had earlier had the bank account that was closed or blocked for committing fraud or committing violations of public law in the sphere of economics provided for in para.2.9.4 of this AML Policy (para.3.3.5 of the AML Policy). 3.9.5. The Business User or Business User’s Representative had earlier been brought to administrative or criminal liability in accordance with paras.3.4.1-3.4.2 of this AML Policy. 3.9.6. The Business User or Business User’s Representative had earlier committed fraud (para.3.4.3 of the AML Policy).

3.10. If the User is a Low risk User, the User has full access to the Services of Paily. The transactions of the Low risk User are subject to Transactions monitoring, but such monitoring is conducted in a simplified manner.

3.11. If the User is a Medium risk User, the User has full access to the Services of Paily. However, all the transactions of the Medium risk User are subject to thorough Transactions monitoring. All the transactions of the Medium risk User are presumed not secure for Paily.

3.12. If the User is a High risk User, Paily is entitled to block the Account of the User and refuse access to the Services. In this case, the High risk User may ask Paily to grant access to the Services only 1 (one) year after Paily refused access to the Services and only subject to compliance with the KYC and CDD procedure provided by the AML Policy. If Paily does not block the Account and does not refuse access to the Services, all the transactions of the High risk User are subject to thorough Transactions monitoring. All the transactions of the High risk User are considered suspicious unless otherwise is proven by the User.

3.13. Each year Paily reviews the business activity of Low risk and Medium risk Users, as well as the business activity of High risk Users that has not been refused access to the Services in accordance with para.3.12 of this AML Policy. Based on the results of the review, the User may be put to another category provided for in para.3.5 of the AML Policy. Paily considers the following factors while making the decision on putting the User to another category:

3.13.1. The amount of business transactions successfully conducted by the User via the Services during the last year. The transaction was successful if Paily did not refuse to sign the Invoice under para.4.6 of the AML Policy and if the Client managed to confirm the Invoice in accordance with para.4.5 of the AML Policy. The more successful transactions the User has, the more chances that the User will be brought to Low risk category (if the User was in Medium risk category) or to Medium risk category (if the User was in High risk category). 3.13.2. The amount of business transactions of the User that did not pass Transactions monitoring. The more transactions that did not pass Transactions monitoring the User has, the more chances that the User will be brought to Medium risk category (if the User was in Low risk category) or to High risk category (if the User was in High risk category). 3.13.3. The additional information about the User or Business User’s Representatives presented by the User demonstrates the bona fide intention of the User to use the Services in accordance with applicable laws. 3.13.4. The number of positive and negative reviews about the User posted by Clients and other customers of the User on the Internet.

3.14. If after the review conducted in accordance with para.13.3 of the AML Policy the User is brought to another category of Users, paras.3.10-3.12 of the AML Policy apply to the User depending on the new category to which the User has been put.

Transactions monitoring

4.1. Paily checks all payment transactions of Users with Clients conducted via the Services.

4.2. In order to make the transaction safe, Paily provides Users with Paily’s companies with the bank accounts in several jurisdictions so that the receiving of the payment from the Client is within the control of Paily.

4.3. According to the Terms, the User wishing to receive the payment from the Client shall issue the Invoice which is signed by Paily as the agent of the User acting on behalf of the User.

4.4. In order to issue the Invoice, the User shall provide Paily with the information about the Client provided for in para.4.3 of the Policy. Such information includes the description of services or works performed by the User for the Client and the price for such services or works.

4.5. Paily sends the issued and signed Invoice to the email address of the Client, and the Client shall confirm the validity of the Invoice before making the payment.

4.6. Before signing the issued Invoice and sending the signed Invoice to the Client, Paily is entitled to review the information about the Client provided for in para.4.4 of the AML Policy, as well as the information about the business transaction between the User and the Client. Paily is entitled to refuse signing of the Invoice and sending the Invoice to the Client if Paily has reasonable grounds to believe that the transaction between the User and the Client is suspicious. The following factors are considered by Paily before making the decision on suspicious character of the transaction:

4.6.1. The price for the services or works performed by the User for the Client does not match the market price for the similar services or works. 4.6.2. The services or works described by the User in the issued Invoice can be performed only by a legal entity having a special license or authorization, and the User did not provide Paily with the information that the User has such a license or authorization.

4.6.3. The services or works described by the User in the issued Invoice provide for committing illegal acts, including bribery or other illegal communication with governmental authorities. 4.6.4. The information about the Client provided by the User in the issued Invoice does not match the publicly available information about the Client, including the information provided in the governmental databases. 4.6.5. The publicly available information about the Client demonstrates that the Client or the officers of the Client (if the Client is a legal entity) had earlier been brought to administrative or criminal liability for violations of public law in the sphere of economics provided for in para.2.9.4 of the AML Policy. 4.6.6. The email of the Client provided by the User for confirming the Invoice is a phishing or fake email. 4.6.7. Other factors demonstrating that the transaction is aimed at covering illegal activity of the User or the Client.

4.7. Client will not be able to pay the Invoice if Paily refuses to sign and send the Invoice under para.4.6 of the AML Policy or if the Client cannot confirm the signed Invoice under para.4.5 of the AML Policy.

4.8. The fact that the Client could not pay the Invoice under para.4.7 of the AML Policy will be considered by Paily while making the annual review of the User in accordance with para.3.13 of this AML Policy.

4.9. If within 1 (one) calendar year Paily refused to sign the Invoice under para.4.6 of the AML Policy more than 5 (five) times or Clients of the User could not confirm signed Invoices under para.4.5 of the AML Policy more than 5 (five) times, Paily will automatically put the User to the category of High risk Users without making the annual review in accordance with para.3.13 of the AML Policy. In this case the provisions of para.3.12 of the AML Policy shall apply to such a User.

Final provisions

5.1. All warranties and restrictions of Paily’s liability established in the Terms and the User Agreements apply to this AML Policy.

5.2. All rules on indemnities established in the Terms and the User Agreements apply to this AML Policy.

5.3. The provisions on applicable law and dispute resolution procedure provided for in paras.12.1-12.12 of the Terms apply to this AML Policy.

5.4. This AML Policy was enacted on August 27, 2021. Paily reserves the right to update this AML Policy and notify the Users about the updates in accordance with the rules provided in paras.13.2-13.3 of the Terms.

5.5. The AML Policy does not affect the rights of Users and Clients guaranteed by the General Data Protection Regulation No. 2016/679 (GDPR).

5.6. The AML Policy does not affect or restrict the responsibility of Paily as the Controller of personal data provided by the GDPR.

5.7. The User may contact Paily by using the contact information provided for in Section 14 of the Terms.