At Vendgram Inc, we are devoted to fighting financial crime in all of its manifestations, including money laundering, terrorism financing, bribery, and corruption. To this purpose, Vendgram Inc has maintained a framework for Anti-Money Laundering (“AML”), Countering Terrorism Financing (“CFT”), and Preventing the Financing and Proliferation of Weapons of Mass Destruction (“PFMD”). Strict adherence to the same is required of all Group employees.

This framework complies with global anti-money laundering and counter-terrorist financing legislation and regulations and incorporates leading best practices.

1) The Frameworks’s Structure

Vendgram Inc has developed policies and procedures that are periodically reviewed/revised to ensure they stay relevant and current and are consistent with growing regulatory requirements and industry best practices. The Policies and Procedures clarify Vendgram Inc’s AML and CFT stance in the global battle against financial crime and are accessible to all members of staff at any time via Vendgram Inc’s intranet site.

Vendgram Inc’s Compliance Policies are reviewed and approved annually by the Board of Directors, and if updates are required between cycles, an amendment is developed for implementation and integrated into the Policy at the next annual review. Vendgram Inc has shifted away from a “rule-based, check-box” approach to financial crime risk management in favor of a risk-based strategy. Thus, Vendgram Inc proactively detects and assesses risks and assigns the necessary resources focused on risk management systems and controls.

2) The Framework’s Scope

The scope of Vendgram Inc’s anti-money laundering and counter-terrorist financing framework covers the following:

2.1) Responsibilities of the Board of Directors and Management

The Board of Directors/ Senior Management of Vendgram Inc is responsible for overseeing AML/CFT compliance framework. The Board of Directors assures that Vendgram Inc’s management and its staff absolutely adhere to all regulatory and internal anti-money laundering/counter-terrorist financing protocols, and that Vendgram Inc has a zero tolerance policy for regulatory infractions. Global AML/CFT best practices state that the “tone is set from the top.” The Board of Directors appoints Vendgram Inc’s Designated Chief Compliance Officer.

2.2) Reports To Senior Management and the Board of Directors

AML and CFT reports are submitted to Senior Management and the Board of Directors on a monthly and quarterly basis, respectively. These reports provide information to the Board of Directors and senior management that enables them to assess Vendgram Inc’s compliance with regulatory requirements. Additionally, the reports keep Directors and senior management informed of current trends and developments in the financial industry, notably in the area of anti-money laundering/counter-terrorism financing risk management.

2.3) Procedures for Know Your Customer (KYC):

A properly completed account opening form, as well as the submission of identity and other pertinent information and papers, serve as the foundation/bedrock for a customer’s onboarding into Vendgram Inc.

Prior to engaging in any business engagement with a customer, Customer Due Diligence (CDD) is undertaken. This includes, but is not limited to, verifying the customer’s identification and address, as well as determining the customer’s source of income and wealth. KYC may include determining the identity of the Ultimate Beneficial Owner (UBO), legal representatives, and trustees. EDD is undertaken on high-risk consumers, such as Politically Exposed Persons (PEPs). Prior to engaging into a relationship with a high-risk country, Senior Management and Compliance must approve it.

Vendgram Inc takes the necessary and regulatory steps before entering into connections with Designated Non-Financial Businesses and Professionals (DNFBPs) and other prescribed businesses, based on their estimated risk and in accordance with regulatory regulations. Identification documents are requested and collected as part of Vendgram Inc’s KYC and CDD procedures to identify the ultimate beneficial owners of a business, as well as the organization’s control and structure. Sanction screening is also performed prior to entering into a relationship or initiating a transaction to ensure that Vendgram Inc does not enter into a connection with a sanctioned person/entity.

Vendgram Inc complies with the Foreign Account Tax Compliance Act (FATCA) and Common Reporting Standards standards, and has therefore implemented mechanisms for identifying designated persons in the Vendgram Inc database. All identifiable US citizens must complete the required tax forms, namely the W8 BEN, W8 BEN-E, and W9. A customer who does not complete the required forms is deemed stubborn.

2.4) Transaction Surveillance:

Transaction monitoring is performed both manually and automatically. The former is carried out by all employees, who are routinely supplied with red flags to watch for, while the latter is handled by the Compliance Unit.

All employees are informed that suspicious activities/transactions should be reported immediately to the Compliance Unit.

Suspicious Transactions are brought to the Compliance Unit’s notice manually or automatically, with the former via internal suspicious transaction reports filed with the Compliance Unit and the latter via transaction monitoring tools examined by Compliance Officers. If considered necessary, a report is submitted to the appropriate regulatory body. To effectively monitor transactions coming through Vendgram Inc’s systems, the SAS Anti-Money Laundering tool has been fully implemented, representing a significant development in the way transactions are monitored and probed.

2.5) Reporting on Transactions:

Specific regulatory and statutory obligations demand the submission of certain reports and returns to regulatory organizations.

As a result, Vendgram Inc submits reports to the regulating agency.

2.6) Relationships with Regulators and Law Enforcers:

Vendgram Inc recognizes that cooperating with law enforcement agencies in the fight against financial crime is a component of its corporate and social duty. Vendgram Inc strives to do this by maintaining a pleasant and cooperative relationship with all regulatory and law enforcement bodies. Vendgram Inc complies with all requests made in a timely manner and in accordance with the law and delivers data to regulators and other appropriate government entities.

Vendgram Inc is also a leader in collaborating with regulators to provide feedback on new legislation and methods for mitigating the risks inherent in the financial industry as a result of new developments and emerging trends.

2.7) Management of Sanctions Compliance:

As a general guideline, Vendgram Inc avoids dealing with sanctioned individuals/entities. All personnel are obliged to screen names of individuals and organizations that have or want to enter into a commercial connection or conduct a transaction with/through Vendgram Inc against Vendgram Inc’s internal watch list, as applicable to their functions.

The internal watch list includes the names of individuals and entities that have been blacklisted by various regulatory bodies worldwide, including the Office of Foreign Asset Control (“OFAC”); the European Union (EU); Her Majesty’s Treasury (HMT); the French Ministry of Economy, Finance, and Industry (MINEFI); and the United Nations (UN). Employees are obligated to abstain from relationships and/or transactions that result in a true or positive match and to follow the escalation procedure as part of Vendgram Inc’s policy. Sanctions screening is performed at account opening and for all SWIFT transactions in real time.

2.8) Individuals Who Have Been Politically Exposed (PEPs)

Individuals who are or have been entrusted with major public tasks, as well as individuals or companies linked with them, are considered PEPs. PEPs, like other high-risk customers, are subject to enhanced due diligence requirements to mitigate the AML/CFT risk they pose. This is to ensure that Vendgram Inc does not unwittingly promote money laundering and/or terrorism funding activities. Vendgram Inc complies with the FATF’s requirement by utilizing an automated monitoring technology to identify and monitor PEP transactions. This is accomplished by doing an in-depth analysis of the information provided by customers and their transaction trends.

The establishment of new PEP accounts, as well as the continuation of existing PEP accounts (in the system), are subject to the approval of an Executive Director and the Compliance Unit.

2.9) Principles of Anti-Money Laundering and Counter-Terrorism Financing for Correspondent Banking:

Vendgram Inc enters into and maintains correspondent banking connections with financial institutions that have adequate anti-money laundering and counter-terrorist financing policies and processes in place. Vendgram Inc does not maintain any payable through accounts or partnerships with shell banks. Vendgram Inc conducts annual due diligence on our correspondent connections to mitigate AML/CFT concerns.

2.10) Business Relationships That Are Prohibited

In accordance with international best practices, Vendgram Inc does not construct accounts or perform transactions on behalf of customers using pseudonyms or numbers rather than their true names, nor does it retain relationships with sanctioned individuals or entities.

2.11) Assessment of Risk

Risk assessment is carried out by Vendgram Inc on its clients, products, and services. This is to ensure that anti-money laundering and counter-terrorist financing concerns are detected and mitigated.

2.12) Anti-Corruption and Anti-Bribery (ABC) and Anti-Fraud

Vendgram Inc is committed to the highest ethical standards in all of its business dealings and contacts. Vendgram Inc has a zero-tolerance policy for any sort of bribery, corruption, fraud, or unethical behavior among workers, as well as between Vendgram Inc and its employees and external parties. Vendgram Inc likewise expects third parties acting on its behalf to adhere to the same criteria.

2.13) Training in Anti-Money Laundering and Counter-Terrorism Financing

Vendgram Inc places a strong premium on employee training. Training is provided to ensure that employees are knowledgeable with AML/CFT legislation, the concepts of Know Your Customer (KYC), and the red flags of money laundering or terrorism financing that may occur in the course of their job functions. All employees, including senior management and directors, are required to attend annual compliance training.

Training is provided to suitable staff via e-learning, face-to-face meetings, or on an ad hoc basis via email in response to recent national and worldwide discoveries.

2.14) Audits of AML/CFT:

To ensure compliance with rules and an ever-evolving fit for purpose Compliance function, a quarterly internal audit of the AML/CFT function is done. The audit’s objective is to assess the adequacy of Vendgram Inc’s anti-money laundering and counter-terrorism financing functions and to ensure that the anti-money laundering and counter-terrorism financing mechanisms in place are effective.

The audit report and conclusions are distributed to senior management. A follow-up audit is conducted to ensure that all pertinent concerns are resolved and highlighted recommendations are executed.

2.15) Retention of Records:

Customer identification documents are held for the duration of the account and for a period of five years following the termination of the Vendgram Inc relationship, as well as for five years following the date of the transaction for transaction instruments. In the event of litigation and/or regulatory inquiries, records will be retained for the duration of the inquiry.

2.16) Protection of Personal Data:

Vendgram Inc has an approved Data Protection Policy that is updated on an as-needed basis to reflect changes in the legal, regulatory, and operational environment. Vendgram Inc completely adheres to both domestic and international data privacy laws, including the National Data Protection Regulations in the countries in which we operate and the European Union’s General Data Protection Regulation (EU-GDPR.)