This Anti-Money Laundering (AML) Policy is issued by Arizet Labs ME Limited (HE 488153), the entity that operates the consumer-facing Desk business. It sets out how the Company identifies, assesses, and mitigates the risk of money laundering, terrorist financing, and other financial crimes, in compliance with the EU Anti-Money Laundering Directives (AMLD4/5/6), applicable Cyprus AML legislation, EU sanctions regulations, and the Transfer of Funds Regulation (TFR).
Arizet Labs ME Limited ("the Company") is committed to preventing money laundering, terrorist financing, and other financial crimes. This policy outlines the Company's framework for identifying, assessing, and mitigating such risks in full compliance with the EU Anti-Money Laundering Directives (AMLD4/5/6), applicable Cyprus AML legislation, EU sanctions regulations, and the Transfer of Funds Regulation (TFR).
This policy applies to all directors, employees, contractors, and business partners of the Company, and covers all business relationships, transactions, and services offered by the Company.
The Company has appointed a Money Laundering Reporting Officer (MLRO), a Director of Arizet Labs ME Limited, who is responsible for overseeing AML compliance, receiving internal suspicious activity reports, and filing Suspicious Activity Reports (SARs) with the relevant authorities where required.
The Company applies a mandatory, risk-based KYC process to all clients and counterparties. No business relationship may be established and no services may be provided until KYC verification has been successfully completed.
Full KYC verification is required in the following circumstances:
The Company uses Sumsub (sumsub.com) as its third-party KYC verification provider. Sumsub performs automated identity verification including:
For legal entity clients, verification additionally includes a Certificate of Incorporation, a UBO declaration, a Certificate of Directors, and government-issued ID for each UBO and director.
All received verification data (ID copies, documents, liveness results) is reviewed by the MLRO or a designated compliance team member before the client relationship is approved. Verification data is stored securely in accordance with GDPR.
KYC Provider: Sumsub (sumsub.com), an EU-compliant identity verification platform used for document verification, biometric checks, and sanctions/PEP screening. The Company may supplement Sumsub with manual review where required.
The Company applies three levels of due diligence based on assessed risk:
The Company does not provide services to any individual, entity, or beneficial owner who is a citizen of, resident in, or located in any of the following prohibited jurisdictions, in accordance with EU sanctions regulations and the requirements of the local regulator:
This list is reviewed and updated at least quarterly in line with EU, UN, OFAC, and HM Treasury sanctions lists. Any client found to be connected to a prohibited jurisdiction after onboarding will have their account immediately suspended and reported to the MLRO for review and potential SAR filing.
All clients and counterparties are screened against the following sanctions and watchlists prior to onboarding and on an ongoing basis via Sumsub:
All directors and staff must report any suspicious transactions or activity to the MLRO immediately. The MLRO will evaluate the report within 24 hours and, where required, file a SAR with the relevant Cyprus or EU financial intelligence authorities. Tipping off clients about a SAR or investigation is strictly prohibited under penalty of law.
The Company retains all KYC documents, transaction records, correspondence, and due diligence files for a minimum of 5 years from the end of the business relationship or the date of the transaction, in compliance with the EU AML Directives.
The Company conducts an enterprise-wide AML/CFT risk assessment at least annually, evaluating risks related to its client base, products, services, delivery channels, and geographic exposure. Results are used to calibrate the Company's AML controls and CDD procedures.
All directors and relevant staff receive AML/KYC training upon onboarding and at least annually thereafter. Training covers current AML regulations, red flags for money laundering and terrorist financing, reporting obligations, and this policy.
This policy is reviewed at least annually, or immediately upon significant changes to the Company's business activities, applicable regulations, or sanctions requirements. All revisions are approved by the MLRO and recorded with version history.
Approved by: the Director and MLRO of Arizet Labs ME Limited. Approved May 28, 2026.