This Know Your Customer (“KYC”) and Anti-Money Laundering (“AML”) Policy (“KYC/AML Policy”) details the KYC and AML requirements to access and use of the electronic platform, including the mobile application and/ or website, known as “CoinSwitch” collectively referred to as “Platform”, which are owned by Bitkuber Investments Private Limited, a private limited company registered under the Companies Act, 2013 (CIN U65990KA2021PTC145060).
You accept and understand that this KYC/AML Policy forms a legal and binding agreement between You and CoinSwitch.
You hereby expressly consent to CoinSwitch’s continuous monitoring and collecting of information and data of Your activities on our Platform for the purpose of this KYC/AML Policy.
1.1 “Applicable Law” shall mean any applicable statute, law, regulation, ordinance, rule, judgment, order, decree, by-law, approval from the concerned authority, government resolution, order, directive, guideline, policy, requirement, or other governmental restriction in force in India, including without limitation the Prevention of Money Laundering Act 2002 (“PMLA”), the Prevention of Money Laundering (Maintenance of Records) Rules 2005 (“PML Rules”), and various applicable guidelines, rules and regulations of the Computer Emergency Response Team, India, and the Reserve Bank of India or its constituents/payment system providers as applicable, replaced and updated from time to time.
1.2 “Company”, “Ourselves”, “Us”, “Our” and “We” refers to Bitkuber Investments Private Limited which expression shall include its successors and assigns..
1.3 “Customer”/“User”/“You” shall mean any Person using/accessing the Platform.
1.4 “Customer Due Diligence (CDD)” means identifying the customer and verifying their identity by using a reliable, independent source of documents, data, or information.
1.5 “Officially Valid Document/OVD” means the passport, the driving license, proof of possession of an Aadhaar Number, or the voter’s identity card issued by the Election Commission of India For the purpose of this definition, ‘Aadhaar Number’ means an identification number as defined under the Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act, 2016.
1.6 “Person” means an individual who is above eighteen (18) years of age and an Indian citizen-resident.
1.7 “Politically Exposed Person” (PEP) is a person who is authorized to perform prominent public functions in a country and includes governors of the state, members of Parliament, military officers, senior government and judicial executives, and heads of local bodies such as municipal corporations, among others. You could also qualify as a PEP if You are a family member or a close relative of such an individual.
1.8 “Suspicious Transaction” means a transaction, including an attempted transaction on the Platform, whether or not made using fiat currency, which under CoinSwitch’s sole discretion:
1.9 “User Account”/“User’s Platform” shall mean the account created on the Platform.
2. KYC Norms
2.1 KYC is the key principle for the identification of any individual opening and operating a User Account. KYC means to ‘Know Your Customer’ which is an effective way for an institution to confirm and thereby verify the authenticity of a customer.
2.2 The customer identification should entail verification on the basis of documents and information provided by the customer. The objectives of KYC are as under:
3. Declarations and Obligations
3.1 Declarations and Disclosure of Information by the Platform
3.1.1 CoinSwitch will identify and verify User’s identity at the time the User opts to trade using the Platform or apply to be a Customer. To this effect, CoinSwitch shall collect, and You, as the User shall provide, such documents and data, as requested by CoinSwitch from time to time, to establish and verify the identity of the User / for KYC purposes / to establish and verify the nature of any Suspicious Transaction undertaken on the Platform. All data provided by You for KYC, and customer identification purposes or information on the Suspicious Transaction, shall be true, correct, and up-to-date. CoinSwitch may also use/deploy various software and/or technology or other means, either directly or through its service providers/vendors to establish and verify Your identity and/or the documents/information provided by You. You hereby consent to any such identity verification and KYC checks.
3.1.3 CoinSwitch shall endeavor to verify, either itself or through third-party vendors/service providers, the identity and address of the Users along with the other details and documents submitted by You as may be legally/operationally tenable, including but not limited to using the following methods:
a. PAN/e-PAN verification through government sources; or
b. Masked/Offline Aadhar/Proof of Possession of Aadhar under the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016; or
c. Passport issued under the Passports Act, 1967; or
d. Verification of Voter ID card issued by the Election Commission of India; or
e. Any other document may be required by the Platform from time to time.
You as the User, hereby agree to provide the required documents and information for KYC checks in a timely manner, to create and to continue using the User’s Platform Account through which the You may give instructions on the Platform.
3.1.4 Your failure as a User, to provide the requisite KYC documents or any identification documents or information as requested by CoinSwitch, may hinder or completely restrict Your use of the Platform and the related services to the User.
3.1.5 You acknowledge and agree that the foregoing list of documentation, verification, and information may be amended by CoinSwitch by way of a notification/intimation, in its sole discretion from time to time, without prior notice.
3.1.6 CoinSwitch reserves the right to examine or request additional information and documents to establish Your identity, bank accounts, and You shall provide all assistance and cooperation in this regard. If You fail/refuse to comply with the requirements herein, CoinSwitch at its sole discretion can restrict Your access to the Platfrom and/ or shall not allow You to create or operate the User Account.
3.1.7 You agree to provide such additional documents as may be required by CoinSwitch, to ensure compliance with any Applicable Laws or CoinSwitch’s policies or a request from any law enforcement authorities immediately, upon receipt of a written request from CoinSwitch.
3.1.8 You further represent, warrant, and agree to provide true, correct, and complete KYC documents, information, and data to CoinSwitch / its delegates/agents/representatives.
3.1.9 Where any transaction or series of transactions undertaken by You are considered as Suspicious Transaction(s) at the sole discretion of CoinSwitch or CoinSwitch reasonably perceives that it is likely to involve proceeds of crime or be used towards any illegal activity, or in an event, if CoinSwitch receives requests/requisitions from any banking partner/ payment system provider or participant/ statutory/ regulatory/ supervisory/ law enforcement authority/enforcement authority (“Authorities”), CoinSwitch shall report all such Suspicious Transaction(s) to the Authorities, as well as use, retain and share Your personal data, documents, and information available with CoinSwitch with the Authorities, and block and freeze Your access to the Platform and Your User’s Platform Account, and may also increase the future monitoring of such User’s Platform Account. You as the User, hereby undertake and warrant to provide all assistance, support, and cooperation in this regard including additional documents to verify the identity or the details of the transaction.
3.1.10 CoinSwitch does not allow the opening of or keeping any anonymous User’s Platform Accounts or creating any accounts under fictitious names or on behalf of other persons whose identity has not been disclosed, or cannot be verified, or more than one (1) account for a person.
3.2 Your Obligations
3.2.1 You agree to use the Platform only for lawful and legal purposes as per this KYC/AML Policy, as amended from time to time, and the Applicable Laws.
3.2.2 You shall not use the Platform for any illegal or unlawful or criminal or anti-national purposes or for financing any such activity under any circumstance whatsoever.
3.2.3 You shall not impersonate another person or misrepresent Yourself on the Platform Under any circumstance whatsoever.
3.2.4 You undertake and warrant not to indulge in any Benami transactions or any transactions that are in violation of any Applicable Laws, this Policy or any other policy or instruction as issued by CoinSwitch from time to time.
4. Customer Acceptance Policy (CAP)
4.1 Account Opening Procedures
4.1.1 Any Indian national resident can open a User’s Platform with CoinSwitch and such User’s Platform can only be accessed within the geographical territory and jurisdiction of India.
4.1.2 The User has to provide the following before his/ her User’s Platform can be made operational:
a. Permanent Account Number (PAN) given by Income Tax Authorities,
b. Documents for identification and proof of residence (Aadhaar/Voter ID/Passport),
c. Live selfie from the camera.
Please note that post the account opening process, the User would be required to add and verify their bank account/UPI ID for making INR deposits/withdrawals.
4.1.3 The above documents/data would help to establish the identity of the person opening the account but would not be sufficient to prepare a profile of expected activities in the User’s Platform. Towards this, the following additional details may need to be collected while opening the User’s Platform:
a. Annual income,
c. If Politically Exposed Person (PEP),
d. Trading experience, and
e. Marital status.
4.1.4 The User’s User’s Platform will only be made operational for the User to avail of our services when such documents, information as mentioned above, or any other additional information as requested by CoinSwitch has been verified as per the satisfaction of CoinSwitch.
4.2 CoinSwitch shall maintain an audit trail of any upload/modification/download.
4.3 Safeguard measures taken by the Platform
4.3.1 Before registering a User’s Platform, We on a reasonable efforts basis ensure that:
a. Users are not accessing the Platform under an anonymous or fictitious/benami name.
b. No User’s Platform is made operational and the User is not allowed to avail our services in an event if we are unable to apply appropriate CDD measures, i.e. verify the User identity and/or obtain documents required or non-reliability of the documents/information furnished to CoinSwitch, either due to non-cooperation of the User or non-reliability of the documents/information furnished by the customer.
c. No account is opened or trades are executed without following CDD procedure.
d. The User’s identity does not match with any person with a known criminal background or having any association/ relationship with banned entities/ persons such as individual terrorists or terrorist organizations etc.
4.3.2 Users are not permitted to act on behalf of another User and can only transact on CoinSwitch’s platform on their own account, with their own funds, and for their own benefit. Users are not permitted to open any of the following:
a. an anonymous account;
b. an account under a fictitious name; or
c. an account on behalf of other persons whose identity is undisclosed or unverifiable.
4.3.3 CoinSwitch at its sole discretion may review the User’s User’s Platform and transactions for any Suspicious Transactions or in an event if CoinSwitch receives a request for the same from Authorities and based on CoinSwitch’s judgment or instruction from Authorities such User’s Platform may be suspended, frozen, blocked, disabled, or terminated.
4.3.4 CoinSwitch may, in its sole discretion, refuse to open any new accounts, suspend or terminate existing User Accounts after giving due notice, or refuse to process any transactions on the Platform if it is unable to ensure compliance with any of the aforementioned conditions, either due to non-cooperation by the User or due to the details provided by the User being found enlisted on any Sanctions Lists or unreliable or unverifiable to CoinSwitch’s satisfaction.
4.3.5 Requirements/obligations under international agreements & Communication from international agencies: CoinSwitch shall reasonably ensure that it does not have any account in the name of individuals appearing in the lists of individuals and entities, suspected of having terrorist links, which are approved by and periodically circulated by the United Nations Security Council (UNSC), other watchlists and sanctions lists.
5. Customer Identification Procedure (CIP)
One of the objectives of the KYC and data/information collection norms being carried out by CoinSwitch is to ensure appropriate Customer Identification. Customer Identification means undertaking the process of CDD. CoinSwitch may need to obtain sufficient information necessary to establish, to its satisfaction, the identity of each User, whether regular or occasional and the purpose of the intended nature of the transaction being executed on/ through the Platform.
Customer Identification Procedure is carried out at different stages while the Platform is accessed by the User and is not limited to instances when:
a. Registering a User’s Platform Account,
b. Periodic review of a User’s Platform Account,
c. Any transaction is being executed by the User on the Platform, and/or
d. The Platform has a doubt about the authenticity/veracity or the adequacy of the earlier obtained User Identification data.
5.1 User identification
Identification of a User is an important prerequisite for registering and opening a User’s Platform. No User’s Platform is allowed on the Platform unless verification and due diligence of said User is successfully completed by CoinSwitch.
5.1.1 What is Identity?
Identity generally means a set of attributes that together uniquely identify a ‘natural’ or a ‘legal’ person. The attributes which help in the unique identity of a ‘natural’ or ‘legal’ person are called identifiers. Identifiers are of two types: a.) Primary and b.) Secondary.
a. Primary Identifiers: Means and includes the name (in full), Date of Birth, PAN number, and Passport number/Voter Identity Card/Driving License as they help in uniquely establishing the identity of the person.
b. Secondary Identifiers: Includes address, location, Nationality, and other such identification, as they help further refine the identity. User identification does not start and end at the point of application but it is always an ongoing exercise..
5.1.2 What is Identification?
Identification is the act of establishing who a person is:
a. In the context of KYC, identification means establishing who a person purports to be.
b. This is done by recording the information provided by the User covering the elements of his identity (i.e. name, and the address at which they can be located).
c. For undertaking CDD, the following shall be obtained from an individual while establishing a relationship. The features to be verified and the documents to be obtained for establishing the identity of a person are as under:
(i) Permanent Account Number (PAN) or the equivalent e-PAN, and
(ii)Certified copy of an Officially Valid Document (OVD) or the equivalent e-document thereof containing the details of identity and address. “Officially Valid Document” (OVD) means i) the Passport, ii) Aadhaar card, iii) the Voter’s Identity Card, iv) or any other document as required by CoinSwitch from time to time and in its sole discretion.
5.1.3 What is Verification?
Verification of identity is the process of proving whether a person actually is who they claim to be. In the context of KYC, verification is the process of seeking satisfactory evidence of the identity of those with whom CoinSwitch does business. This is done by carrying out checks on the correctness of the information provided by the customer.
5.1.4 Process of video-KYC
In scenarios where the document provided by a User has some issues and cannot be validated using the automated solutions CoinSwitch has in place, a video-KYC might be required from the User to validate the identity and authenticity of the document/ information submitted by them. We would also use the video-KYC process while performing enhanced due diligence wherever required.
5.1.5 Periodic updation of KYC
Periodic updation of KYC of Users is performed at such intervals of time and using such processes/documents as decided by CoinSwitch at its sole discretion. A risk-based approach for periodic updation of KYC is to be adopted:
a. No change in KYC information: In case of no change in the KYC information, a self-declaration from the User in this regard shall be obtained through User’s email id and mobile number registered with CoinSwitch.
b. Change in address: In case of a change only in the address details of the User, a self-declaration of the new address may be obtained from the User through the User’s email id and mobile number registered with CoinSwitch along with valid proof to be submitted by the User for the change in such address.
c. Change in contact information like a phone number or email address: In case of a change in the contact details of the User, the User can reach out to CoinSwitch to get the details updated, along with valid proof of change and demonstrating ownership of the User’s Platform for which the details are to be updated.
5.2 Types of CDD
There are 2 types of Customer Due Diligence (CDD) that can be used in accordance with the risk category of the customer.
5.2.1 Basic Due Diligence means the collection and verification of identity proof, address proof, and a photograph to establish the identity of the User. This is done on the basis of the documents and information submitted by the User.
5.2.1 Enhanced Due Diligence (EDD) means additional diligence measures undertaken over and above the Basic Due Diligence. Steps under EDD shall include but will not be limited to checking if a User falls under the category of Politically Exposed Persons (PEPs), or is associated with any terrorist activities/groups, monitoring the account activity of such users, etc.
CoinSwitch shall conduct Basic Due Diligence, EDD, or any other due diligence activity or measures which under its sole discretion and/ or under Applicable Laws is required for a User registering or using the Platform.
6. Anti-Money Laundering Standards
In terms of the provisions of Prevention of Money-Laundering Act, 2002 and the Prevention of Money-Laundering (Maintenance of Records) Rules, 2005, as amended from time to time, Regulated Entities (REs) are required to follow certain customer identification procedures while registration with the Platform and undertaking a transaction either by establishing an account-based relationship or otherwise and monitor their transactions. Although CoinSwitch is not an RE, however CoinSwitch has voluntarily taken steps to adopt the KYC/AML/CFT processes under the aforementioned Act and Rules.
CoinSwitch is vigilant in the fight against money laundering and under its best judgment implements processes not allowing any person to use the Platform for money laundering and terrorist financing activities.
6.1 Steps taken to prevent Money-Laundering activities and Terrorist Financing
CoinSwitch has implemented certain steps with an objective to prevent any money laundering activity and/or terrorist financing on the Platform. Such processes being implemented are exhaustive in nature and are subject to change as required under any Applicable Law and/or as per CoinSwitch’s sole discretion.
7. Monitoring of Transactions – On-going Due Diligence
7.1 Monitoring and supervision of the User’s Platform in the event of any suspicious activity is detected is essential.
7.2 As part of the ongoing due diligence process, CoinSwitch shall monitor User’s Platform activities undertaken by a User through the Platform to reasonably ensure that they are consistent with their knowledge of the User, its risk profile, and where necessary, the source of funds.
7.3 When there are suspicions of money laundering or financing of activities relating to terrorism or where there are doubts about the adequacy or veracity of previously obtained User identification data, CoinSwitch may review the due diligence measures including reverifying Your identity, and may request additional information. You, the User hereby confirm that You shall provide all such information, as and when requested by CoinSwitch.
7.4 Monitoring customer activity and transactions throughout the relationship helps us to know their customers, assess risk, and provide assurance that CoinSwitch is not being used for the purposes of financial crime. However, the extent of monitoring shall be aligned with the risk category of the customer. High-risk accounts have to be subjected to more intensified monitoring.
7.5 Without prejudice to the generality of factors that call for close monitoring following types of transactions shall necessarily be monitored, whereas on basis of monitoring activities conducted by CoinSwitch as described under this Policy, any User’s Platform may be frozen or suspended / User access might be blocked or terminated as decided by CoinSwitch under its sole discretion:
a. Very high account turnover inconsistent with the size of the balance maintained.
b. Special attention should be paid to the complex, unusually large transactions and all unusual patterns, inconsistent with the normal and expected activity of the User, which have no apparent economic rationale or lawful purpose.
7.6 CoinSwitch may enable alerts when the transactions are inconsistent with risk categorisation and the updated profile of the customers shall be put into use as a part of effective identification and reporting of suspicious transactions.
8. Contact & Compliance Officer
8.1 CoinSwitch has appointed a ‘Principal / Compliance Officer’ to ensure overall compliance with the obligations imposed herein and under any Applicable Laws. At present, our Compliance Officer is Mr. Shiva Tadikonda who can be reached at email@example.com
8.2 In case of any complaint or queries with respect to this Policy or to report any suspicious or illegal activity of a User within Your knowledge, You may write to us at firstname.lastname@example.org
9. Risk Management by Periodic Review
9.1 Identification of a customer is an important prerequisite for opening an account. Non-adherence to this may lead to risks e.g. frauds, money laundering, inadvertent overdrafts, and Benami/fictitious accounts.
9.2 Non-compliance of monitoring of the transactions exceeding the threshold limit and non-recording of the transactions may result in intentional splitting/structuring of transactions to evade taxes, money laundering, and financing of terrorist activities.
9.3 CoinSwitch may carry out ‘Money Laundering (ML) and Terrorist Financing (‘TF’) Risk Assessment’ periodically to identify, assess and take effective measures to mitigate money laundering and terrorist financing risk for Users, countries or geographic areas, and products, services, transactions, or delivery channels that is consistent with any national risk assessment conducted by a body or authority duly notified by the Central Government.
9.4 CoinSwitch, as a best industry practice and under its sole discretion categorizes the Users under low, medium, and high-risk categories, based on the assessment and risk perception. CoinSwitch should prepare the profile of the customer which should contain information relating to the customer’s identity, social/financial status, nature of the business activity, and risk categorisation shall be undertaken based on these parameters.
9.5 All User Accounts should be periodically updated based on their risk category. Unless otherwise required under this Policy or under Applicable Law or for complying with any request of Authorities, at present, the periodicity of such updation should not be less than once in five (5) years in the case of low-risk category customers, and not less than once in two (2) years in case of high and medium risk categories. CoinSwitch reserves the right to change the above periodicity at any time and from time to time in its sole discretion.
9.7 CoinSwitch may take a view on risk categorisation of each customer into low, medium, and high-risk categories depending on their experience, expertise in profiling of the customer based on their understanding, judgment, assessment, and risk perception of the customer and not merely based on any group or class they belong to.
9.8 The risk assessment carried out by CoinSwitch shall:
a. be reasonably documented;
b. consider all the relevant risk factors before determining the level of overall risk and the appropriate level and type of mitigation to be applied;
c. be kept up to date; and
d. be available to competent authorities and self-regulating bodies/Authorities, if and as required under Applicable Laws.
9.9 Periodic updation of KYC
Periodic updation of KYC of Users is performed at such intervals of time and using such processes/documents as decided by CoinSwitch at its sole discretion. A risk-based approach for periodic updation of KYC is to be adopted based on the periodicity described earlier.
a. No change in KYC information: In case of no change in the KYC information, a self-declaration from the User in this regard shall be obtained through User’s email id and mobile number registered with CoinSwitch.
b. Change in address: In case of a change only in the address details of the User, a self-declaration of the new address shall be obtained from the User through the User’s email id and mobile number registered with CoinSwitch along with valid proof to be submitted by the User for the change in such address.
c. Change in contact information like a phone number or email address: In case of a change in the contact details of the User, the User can reach out to CoinSwitch to get the details updated, along with valid proof of change.
d. Change in any other information: In case of any change in the information provided at the time of onboarding or periodic updates, the User should reach out to CoinSwitch to get the details updated, along with valid proof of change at email@example.com
10. Internal Controls
10.1 Preservation of Record / Record Management
10.1.1 CoinSwitch shall reasonably ensure that all information received for the purpose of identification or due diligence is used by it in accordance with CoinSwitch’s terms and conditions applicable. CoinSwitch shall also take necessary reasonable steps for maintenance, preservation, and reporting of User information per the internal policies and standard operating procedures of CoinSwitch.
10.1.2 In addition, the confidentiality, security, and protection against access, use, and disclosure (including publication or display) of all information of a User, collected or created by CoinSwitch shall be kept in accordance with Applicable Law.
10.1.3 CoinSwitch shall collect and maintain records, in the form of books or stored in a computer, of Your identity proof along with all documents and information provided by You and of all the transactions undertaken by You on the Platform, as required under the Applicable Laws/good industry practices.
10.1.4 CoinSwitch shall maintain and report to Authorities the records of:
a. the KYC details, documents, and data of all Users who open a User’s Platform Account on the Platform;
b. the KYC details, documents, and data of all Users who undertake a transaction on the Platform; or
c. Your transactions on the Platform.
10.2 CoinSwitch shall make available the identification records and transaction data to the authorities upon request.
10.3 If CoinSwitch:
a. suspects transactions of being involved in ML or TF, or
b. doubts the adequacy or veracity of previously obtained identification data,
necessary steps will be taken to review the due diligence measures undertaken by the Platform or the information obtained (on the purpose and intended nature of the business relationship) from the User.
10.4 Hiring of Employees
Adequate screening mechanisms as an integral part of their personnel recruitment/hiring process shall be put in place to ensure high standards and equal and fair opportunity when hiring employees.
10.5 Employee training
10.5.1 Employee training programs are put in place so that the members of concerned staff are adequately trained in KYC/AML/CFT policy. The focus of the training could be different for frontline staff, compliance staff, risk management staff, Audit staff, and staff dealing with new customers. The front desk staff is trained to handle issues arising from a lack of customer education. Proper staffing of the audit function with persons adequately trained and well-versed in KYC/AML/CFT policies, regulations, and related issues also ensure its proper implementation. e-Learning modules have been introduced for increased awareness.
10.5.2 CoinSwitch may put in place policies and FAQs to answer any queries or questions of the Users and satisfy them while seeking information in furtherance of the Policy.
10.5.3 We have taken every effort to ensure that this Policy adheres to the applicable laws. The invalidity or un-enforceability of any part of this Policy shall not prejudice or affect the validity or enforceability of the remainder of this Policy. This Policy does not apply to any information other than the information collected by CoinSwitch through the Platform.
Annex 1 – KYC-AML Standards – Dos and Don’ts