Assisting a Digital Asset Service Provider to Review Current AML/KYC Compliance Programme
A leading digital asset service provider in Asia, the client provides trading, lending and borrowing, and technical support to hedge funds, corporations, and high-net-worth individuals. With capabilities to support over 800 tokens and 1,400 trading pairs globally, the client has a daily trading volume of over US$400million. It also has provided over US$2 billion in loans to institutional investors in the past 12 months.
In January 2020, the Monetary Authority of Singapore (MAS) issued the Payment Service Act (PSA) – a comprehensive regulatory framework for digital asset service providers. Besides adhering to this framework, affected organisations must now apply for a PSA license in order to commence (or continue) their operations in Singapore.
With plans to expand its digital asset footprint into Singapore, the client engaged Pragma's services to assist it in applying for a PSA license and, in the context of that application, to review the fitness of its AML/CFT compliance programme.
Since the PSA license application required attestation of the organisation's anti-money laundering/know your customer (AML/KYC) capabilities, Pragma's Compliance, Conduct, and Regulatory Risk team was engaged to review the client's current AML/KYC compliance programme.
This involved identifying the client's operational risks and assessing the effectiveness of its existing controls. Given the nature of the client's business, the review focused on its customer onboarding and ongoing customer monitoring processes.
The resulting deliverable (an enterprise-wide risk assessment) documented the client's processes, controls, and risk ratings across five categories: customer, geographic, products and services, delivery, and use of third-party vendors. Where mitigating controls could be improved (and, thus, further reducing operational risk), such recommendations were provided to the client.