WIXLIB

Page 4 of 12AAKMG004considered. Under the Enhanced Customer Due Diligence(ECDD) Policy, a customer will be asked for more personalinformation, which may include but is not limited to:1. Secondary identity details, e.g. Credit cards, driverslicense, utility bills etc.;2. Occupation;3. Date of birth;4. Nationality;5. Place of Birth;6. Alias or other names used in the past;7. Purpose of the transaction(s);8. Relationship between the receiver & the sender;9. Source of funding.For the aforementioned it would be required thatdocumentary evidence is requested and held (wherepossible and appropriate) as verification of the facts aspresented.The ECDD Policy shall be applied when any of thefollowing situations arise: The name of a sender or receiver hits any of theGovernment sanctions lists (e.g. OFAC, DFAT, etc); The transaction pattern of the customer looks suspicious; Factors include the age of the person sending orreceiving the funds; Knowledge obtained from the Australian Bureau ofStatistics (ABS) regarding income for professions; Jurisdictions and various corridors identified or knownas high risk. This would include those corridorsexperiencing political unrest and the like; Increase of activity through corridors with no apparentunderlying reason; Customer or employee appears to structure transactionsin an attempt to avoid AML record keeping or reportingrequirements; An individual provides minimal or fictitiousinformation concerning their name & other identifying data; A customer engages in a discussion with anemployee to try to determine ways to avoid reporting orrecord keeping requirements; A customer uses a false or obviously altered ID or apolice certificate and/or consular affidavit; A customer is unable or unwilling to provide ID; Two or more customers use the same or similar IDs; A customer appears to have a nervous or suspiciousdemeanor; A customer tries to alter his/her transaction after beingasked to show ID; A customer deliberately changes the spelling of his/hername on multiple transactions; A customer states he/she does not have a localaddress but he/she appears to reside locally because he/she is a repeat customer; Two or more customers apparently work together tobreak one transaction into two or more transactions toavoid record keeping requirements (i.e. AUD10,000); A customer uses two or more locations or cashiers onthe same day to process transactions; A customer offers bribes, tips or threatensemployees to avoid record keeping requirements; A customer admits that the cash for his/hertransactions came from illegal conduct; A customer makes large transactions that are notconsistent with his/her occupation or business practice; A customer has no business or apparent lawfulpurpose to transfer the money; When it is known that a money transfer is to facilitatecriminal activity; A sender sends money to a person whom the senderdoes not know or is not familiar with and the purpose oftransaction relates to a lottery or internet purchase; Senders or receivers having the same residentialaddress with no known relationship; Receiving or sending money by parties that arevisibly acquainted, but the transactions appear not to berelated; Any other factors drawing the Affiliates Compliance’sattention and leading to a decision of not paying out themoney without first obtaining further information from thesender, receiver or both.A Compliance Officer is appointed to ensure theAffiliate is in compliance with this document and therequirements under the AML and CTF Act.A3. Monitoring of TransactionsThe Affiliate will put in place a monitoring systemto review transactions on a daily basis. Suspicioustransactions are highlighted and alerts are generated forfurther reviews (ECDD) by the compliance staff.If necessary, MoneyGram will conduct special review ofareas or transmission corridors that have been identifiedby Regulators, law enforcement agencies, or throughprior MoneyGram experience, as areas that may be moresusceptible to criminal activity, including the financing ofterrorism.A4. Suspicious ActivityStructuringStructuring is the act of breaking up large transactions intoseveral smaller transactions to avoid providing personallyidentifying information.Many money launderers are familiar with the dollarthresholds that require record keeping & reporting.To remain anonymous and avoid the detection oflaw enforcement officials, money launders attemptto process transactions to avoid triggering recordkeeping and/or reporting requirements. The processingof transactions that avoid record keeping and/or reportrequirements is known as “structuring”.Money launderers may also attempt to trick employeesinto allowing them to structure transactions by splittingup transactions with several accomplices or by trying to“con” employees with a hard luck story. Employeesneed to be on the lookout for structuring so that theycan prevent it from occurring.It is not appropriate and is suspicious to structuretransactions or to help customers avoid record keepingor reporting requirements. Employees should not tellor even imply to a customer that he/she canavoid providing information by conducting transactionsof smaller amounts.The following examples of potential structuring arespecifically designed to avoidrecord keepingA

AAKMG004requirements that should be reported for further research,review & possible suspicious transaction reporting.1. A customer asks to send five money transfers to thesame receiver for AUD2,000 each, totalling AUD10,000.2. Early in the morning, a customer has sent a moneytransfer for AUD5,000. Later in the day, the samecustomer returns and sends another money transfers tothe same receiver for AUD5,000. When combined, thetwo transactions total AUD10,000.3. A customer visits two different MoneyGram Affiliate’slocations on a single day & conducts two money transfersof AUD5,500 at each location and both transactions aresent to the same receiver.It is not appropriate for the Affiliate, its employees orcustomers to structure transactions in order to avoidthe record keeping or reporting requirements.Employees should never help anyone structure atransaction to avoid AML reporting or record keepingrequirements.Employees should never tell customers how to avoidany transaction limitation.Suspicious ActivityPage 5 of 12 A customer uses two or more locations or cashiers onthe same day to process transactions; A customer offers bribes,tips or threatens employees toavoid record keeping requirements; A customer admits that the cash for his/hertransactions came from illegal conduct; A customer makes large transactions that are notconsistent with his/her occupation or business practice; A customer has no business or apparent lawful purposeto transfer the money; When it is known that a money transfer is to facilitatecriminal activity; A sender sends money to a person whom the senderdoes not know or familiar with and the purpose oftransaction relates to a lottery or internet purchase; During corridor transaction review, when a group ofsenders having the same residential address in Australiasend money on the same day to the same receiver in anoverseas country while their total send amount is higherthan the reporting threshold of AUD10,000.(The above suggestions are not exhaustive and theremay be other scenarios which the Affiliate may considersuspicious).Affiliate Procedures in Reporting Structuring andSuspicious Activity1. The Affiliate has employed a monitoring systemto review transactions on a daily basis. Suspicioustransactions are highlighted and alerts are generated forfurther reviews by compliance staff.2. Compliance staff also reviews Australian transactionsthrough various corridors every month to highlight andidentify any suspicious transactions.Many factors are involved in determining whether3. If any Affiliate’s employee discovers any suspicioustransactions are suspicious, including, but not limited toactivities, transactions or violations of this Compliancethe amount, the location of the store, comments madeProgram, the employee is required to report theby the customer, the customer’s behaviour andsuspicious activities to the compliance staff regardlessthe customer’s previous transaction history. Details ofof the dollar amount. Upon receiving the information, theECDD results are also most relevant in the processcompliance staff shall investigate the case as soon asof determining the legality of the transaction.possible.The following list provides examples of potentially4. Suspicious activities or transactions may besuspicious activity that may be identified for furtherreferred to the compliance staff. Upon receiving theresearch, review & possible reporting to AUSTRAC:information, the compliance staff shall investigate the A customer or employee appears to structurecase as soon as possible.transactions in an attempt to avoid AML record5. If a suspicion on structuring, money laundering,keeping or reporting requirements;terrorist financing or other criminal activity is formed, a An individual provides minimal or fictitious informationSMR shall be prepared and submitted to AUSTRACconcerning their name & other identifying data; A customer engages in a discussion with an by the compliance staff authorized to have access toemployee to try to determine ways to avoid reporting or AUSTRAC On-Line.6. After the SMR has been successfully submitted torecord keeping requirements;AUSTRAC, the compliance staff shall keep a record of A customer uses a false or obviously altered ID;the SMR and AUSTRAC’s acknowledgement receipt in A customer is unable or unwilling to provide ID;filesfor record purposes. Two or more customers use the same or similar IDs; A customer tries to alter his/her transaction after being Employees must not alert the customer conductingasked to show ID;the suspicious transaction of their suspicions or A customer deliberately changes the spelling of his/her that a SMR has been or will be filed.name on multiple transactions; A customer states he/she does not have a local Having considered the above risk mitigation & controladdress but he/she appears to reside locally because he/ measures the money transfer business is regarded asHIGH RISK in ML and TF.she is a repeat customer; Two or more customers apparently work together to In the case where there are significant changes in ML orbreak one transaction into two or more transactions to TF risk for the purpose of this Program, MoneyGramavoid record keeping requirements (i.e. AUD10,000);shall recognize the changes and re-assess basedSuspicious activity can vary from one transaction toanother based on the circumstances surrounding thetransaction or group of transactions.One customer’stransaction(s) may be normal based on knowledge of thatcustomer, while another customer’s transaction(s) may besuspicious.

AAKMG004Page 6 of 12on the Risk Model and other Risk Indicators of the ML& TF risk posed by the following factors:A6. Registration Obligations under the AML andCTF Act (2006)a. All new designated services, including money transferservice, prior to introducing them to the market;b. All new methods of designated service delivery,including money transfer service, prior to adopting them; &c. All new or developing technologies used for theprovision of a designated service prior to adopting them.The provision of MoneyGram money transfer service inAustralia falls under the definition of “registrable designatedremittance service” in section 5 of the AML/CTF Act. It isa legal requirement for providers of MoneyGram moneytransfer service to register with AUSTRAC.MoneyGram, on behalf of its Affiliate, must submit acomplete registration application to AUSTRAC beforestarting to provide money transfer service. TheThe Affiliate has to appoint a Compliance Officer to beregistration application shall be submitted by either of theresponsible for AML & CTF compliance responsibilities.following methods:The following factors are considered when designatingwho undertakes the roles of the Compliance Officer:a) Online Registration1. IndependenceAn application will be submitted on behalf of Affiliates by2. SeniorityMoneyGram through this link: https://online.austrac.gov.3. Accountabilityau/ao/login.seam.4. Reporting Linesb) Written Registration Form5. Access to executive/board6. Relevant skills & experience, including knowledge of the The Registration Form can be submitted in writing to thebusiness & the legal obligations under the AML & CTF Act office of AUSTRAC.MoneyGram registered with AUSTRAC and has fulfilledThe responsibilities of the Compliance Officer as well asthe registration requirement under the AML & CTF Act.the senior management of the Affiliate include:A5. Appointment of Compliance Officer THE ADOPTION OF THE MONEYGRAM AML/CTFPROGRAMME; Ensuring continuing compliance with the requirementsof the AML & CTF Act, AML & CTF Rules & relevantguidelines or guidance notes issued by AUSTRAC; Coordinating the AML & CTF Compliance Program; Reviewing & updating the Compliance Program, policies& procedures as necessary owing to changes in laws orregulations; Ensuring AML and CTF risk awareness training isconducted in an effective manner for all appropriateemployees based on a risk assessment training model; Ensuring all training is documented, including the date oftraining, name of the trainer/trainee & topics discussed; Ensuring employee due diligence program; Ensuring accurate record keeping and reporting asmandated by the AML and CTF Act; Ensuring that the Compliance Program is subject toperiodic independent reviews; Cooperating with law enforcement or AUSTRAC on AMLinvestigations; Consider any AUSTRAC feedback regarding theAffiliate’s risk management performance; Acting as the contact officer for AUSTRAC matters,including but not limited to, the filing of relevant reports,urgent reporting, compliance audits or requests forinformation or documents; Ensuring that there is a process to allow staff to reportviolations of the Compliance Program confidentially, withalternative arrangements if the Compliance Officer isimplicated; Conducting initial due diligence & ongoing evaluation onany third party AML and CTF compliance-related serviceproviders, if any; Ensuring that transaction records are properly kept inaccordance with Part 10 of the AML and CTF Act; Acting as the contact officer for law enforcementmatters, including but not limited to, the urgent reportingand/or requests for information or documents.A7. Reporting Obligations under the AML andCTF Act (2006)Under the AML & CTF Act, a reporting entity, includingMoneyGram & each of its Affiliates, have to comply withthe following requirements under the AML & CTF Act:a) Section 41 – Reports of Suspicious MattersWhen the Affiliate has any suspicion on the transactionpattern of any customer that the activities may relate toML or other criminal activities, it is obliged to submit aSMR to the AUSTRAC CEO within 3 business days afterthe suspicion is formed. For suspicious activity relating toTF activities, the SMR has to be submitted within 24hours after the suspicion is formed. The original SMRForm is available from AUSTRAC and is available throughAUSTRAC Online.b) Section 123 – Offence of Tipping OffIf a suspicious matter has been reported to AUSTRACCEO or a suspicious matter reporting obligation hasformed under section 41 of the Act, the reporting entitymust not disclose to someone other than the AUSTRACCEO or a member of AUSTRAC that the information hasbeen communicated to the AUSTRAC CEO or thesuspicious opinion is formed, unless exceptions apply.The Affiliate’s Compliance staff are responsible forreviewing & identifying any suspicious transactionsor matters arising from MoneyGram money remittanceservices.c) Section 43 – Reports of Threshold Transactions(for transaction at or above AUD10,000)When a transaction amount reaches AUD10,000, areporting entity has to submit a Threshold TransactionReport (TTR) to AUSTRAC within 10 business days.MoneyGram has put in place an alert in its automaticmonitoring system to highlight any transaction amountreaching or exceeding AUD10,000. Upon generation ofsuch an alert, MoneyGram will submit a report toAUSTRAC.A

2AAKMG004d) Section 45 – Reports of International FundsTransfer Instructions (IFTI)All international fund transfer transactions have to bereported to AUSTRAC by each reporting entity.MoneyGram is responsible for completing & submittingIFTI report electronically on behalf of all its Affiliatesregistered with AUSTRAC in Australia.e) Section 47 – AML & CTF Compliance ReportAs registered designated remittance service providers inAustralia, MoneyGram & its Affiliates are required toprovide a Compliance Report to AUSTRAC regardingtheir compliance with the AML and CTF Act 2006 and theAML and CTF Rules.Page 7 of 12employee who, if employed, may be in a position tofacilitate the commission of a money laundering orfinancing of terrorism offence in connection with theprovision of a designated service by the reporting entity.The Employee Due Diligence Program has includedappropriate systems & controls for the reporting entity todetermine whether to, and in what manner to, re screenan employee where the employee is transferred orpromoted and may be in a position to facilitate thecommission of a money laundering or financingof terrorism offence in connection with the provision of adesignated service by the reporting entity.MoneyGram is responsible for completing & submittingthe Compliance Report electronically on behalf of all itsAffiliates registered with AUSTRAC in Australia.The Employee Due Diligence Program has establishedand maintains a system for the reporting entity tomanage any employee who fails, without reasonableexcuse, to comply with any system, control or procedure.A8. AML & CTF Risk Awareness Training ProgramEmployment Reference Check for New EmployeesTraining requirementsEmployment references are required for all prospectiveand new employees.Training must be provided to all employees who areinvolved in the MoneyGram money transfer service inAustralia and the contents of training must include at aminimum: The concept of money laundering & financing of terrorism; Identifying suspicious activity & structured transactions; Prevention of Fraud; How to comply with the record keeping and reportingrequirements under the AML & CTF Act (2006); KYC policy.Identity Verification on EmployeeAll employees are required to bring in their passport/photo ID on their first day of joining. Sighting of theoriginal i

Adoption of the Compliance Program Statement of Policy Purpose of the compliance program & message to moneygram affilaite employees PART A A1. Money Laundering and Terrorist Financing A2. Identification of Money Laundering &Terrorist Financing Risks A3. Monitoring of Transactions A4. Suspicious Activity A5. Appointment of Compliance Officer A6.