AML Policy

This Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) Policy (“Policy”) sets forth the commitment and procedures implemented by Fx Funds Flow Limited (a company incorporated in Saint Lucia, CRN: 2025-00415) and FF Flow Limited (a company incorporated in Hong Kong, CRN: 78177928), collectively referred to as “Forex Funds Flow” or “FFF”.

This Policy outlines the framework for identifying, preventing, and reporting suspicious activities that may be linked to money laundering or the financing of terrorism. It applies to all personnel, directors, contractors, and relevant service providers of FFF, and all customers who engage with the FFF platform.

• 1.Money Laundering (Prevention) Act
• 2.Proceeds of Crime Act
• 3.Guidelines and directives issued by the Financial Intelligence Authority (FIA)

• 1.Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615)
• 2.Organized and Serious Crimes Ordinance (OSCO)
• 3.Drug Trafficking (Recovery of Proceeds) Ordinance (DTROP)
• 4.United Nations (Anti-Terrorism Measures) Ordinance (UNATMO)
• 5.Guidelines issued by the Joint Financial Intelligence Unit (JFIU), SFC, and HKMA

FFF will comply with all applicable international AML/CTF obligations, including those imposed by the Financial Action Task Force (FATF).

FFF applies an RBA to assess and mitigate ML/TF risks. Customers are classified into low, medium, or high-risk categories based on:

• Geographic location
• Nature of business activities
• Source of funds and wealth
• Use of intermediaries or third parties
• Trading patterns and volume

Enhanced Due Diligence (EDD) is applied to high-risk customers.

CDD is mandatory before providing services. FFF uses Veriff as its third-party KYC/AML provider to:

• Verify identity documents and biometric data
• Cross-check against sanctions and PEPs lists
• Conduct liveness checks and device risk scoring

Ongoing CDD is conducted periodically or on the occurrence of red flags.

• The customer is a PEP or related to one
• The customer resides in or is associated with a high-risk jurisdiction
• There are anomalies in trading behavior

• Obtaining additional identification documents
• Independent verification of information
• Conducting adverse media checks
• Obtaining senior management approval

• Real-time alerts generated by our third party KYC providers and internal systems
• Transaction pattern analysis
• Monitoring for unusual volumes, counterparties, or jurisdictions

Alerts are reviewed by Compliance, and suspicious behavior is escalated to the MLRO.

FFF uses Veriff for digital onboarding and compliance, offering:

• Biometric identity verification
• Automated risk scoring
• Real-time fraud detection

The integration with Veriff is reviewed quarterly by the Compliance team.

FFF retains the following records for at least 5 years after the end of a customer relationship:

• CDD and EDD documents
• Transaction histories
• Internal reviews and communications
• Filed STRs and related documentation

Records are securely stored and protected from unauthorized access.

• Inconsistent customer behavior
• Use of multiple or layered accounts
• Requests for anonymity

• Segregation of duties
• Management oversight
• Regular compliance audits

Independent audits are conducted annually or when material changes occur. Audit findings are reported to Senior Management.

• At onboarding for all staff
• Annually thereafter
• On an ad-hoc basis when changes occur

• AML/CTF laws
• Internal procedures
• Red flags and escalation protocol

• The General Data Protection Regulation (GDPR), where applicable
• The Hong Kong Personal Data (Privacy) Ordinance (PDPO)
• Applicable data protection laws in Saint Lucia

Information is shared only with authorized personnel or regulators.