PesaNet
PesaNetLegal

Compliance Document

Anti-Money Laundering & Know Your Customer Policy

Effective Date: January 1, 2025Last Updated: March 27, 2026Policy Owner: Chief Compliance Officer

1. Purpose and Scope

PesaNet, Inc. is registered as a Money Services Business (MSB) with the Financial Crimes Enforcement Network (FinCEN) (Registration No.: [MSB-XXXXXXXX]) and holds money transmitter licences in all states where required. This AML/KYC Policy establishes the framework by which PesaNet complies with:

  • Bank Secrecy Act (BSA), 31 U.S.C. § 5311 et seq.
  • USA PATRIOT Act, Title III (International Money Laundering Abatement)
  • FinCEN regulations, 31 C.F.R. Part 1022 (Rules for Money Services Businesses)
  • OFAC regulations — compliance with all applicable sanctions programmes
  • Applicable state money transmitter statutes

This policy applies to all PesaNet products including the digital wallet, P2P transfers, peer lending, virtual card programme, and Agent network.

2. AML Compliance Programme

PesaNet maintains a written AML Compliance Programme that includes five core pillars:

2.1 Designated Compliance Officer

PesaNet has appointed a BSA/AML Compliance Officer responsible for day-to-day AML programme oversight, regulatory reporting, staff training, and coordination with law enforcement. The Compliance Officer reports directly to the Board of Directors.

2.2 Internal Controls

Our internal controls include:

  • Automated real-time transaction monitoring for suspicious patterns
  • Rule-based risk scoring of all transactions
  • Velocity checks on daily, weekly, and monthly transaction volumes
  • Geographic risk controls for high-risk corridors (planned)
  • Device fingerprint validation on all fund movements
  • Periodic review and escalation workflows for flagged activities
  • Structuring detection with four automated pattern types
  • Currency Transaction Report (CTR) auto-generation for $10,000+ daily aggregates
  • Sanctions screening against OFAC SDN, EU Consolidated, and UN Security Council lists
  • Compliance case management with investigation workflows

2.3 Independent Audit

PesaNet's AML programme is subject to independent audit at least annually. Audit findings are reported to the Compliance Officer and Board, and remediation timelines are tracked.

2.4 Training

PesaNet maintains a training management system that tracks AML training completion for all employees, contractors, and Agents. The system includes six mandatory training modules covering BSA/AML fundamentals, customer identification, suspicious activity recognition, SAR/CTR filing, sanctions compliance, and agent-specific compliance. Training is required at onboarding and annually thereafter.

2.5 Customer Due Diligence (CDD)

See Section 3 (KYC Programme) below.

3. Know Your Customer (KYC) Programme

3.1 Customer Identification Programme (CIP)

In accordance with 31 C.F.R. § 1022.210 and FinCEN's CIP rule, PesaNet collects and verifies the following information for all individual customers:

  • Full legal name — as it appears on government-issued identification
  • Date of birth — to confirm age eligibility and identity
  • Residential address — physical address (not PO Box)
  • Taxpayer Identification Number (TIN) — Social Security Number (SSN) or ITIN for US residents
  • Government-issued photo ID — passport, driver's licence, or national ID card

Identity is verified using a combination of document verification, biometric facial matching, and database cross-referencing. Identity documents are currently verified by PesaNet compliance staff. Integration with an accredited third-party identity verification provider for automated document verification and biometric matching is planned.

3.2 KYC Tiers

PesaNet operates a tiered KYC model aligned with transaction risk:

  • Tier 0 — Unverified: $100/day deposit limit; no withdrawals; $50/day transfer limit.
  • Tier 1 — Basic (Government ID or Selfie verified): $500/day deposit; $100 withdrawal limit; $250/day transfer limit.
  • Tier 2 — Identity Verified (Government ID + Selfie): $5,000/day deposit; $2,000 withdrawal limit; $3,000/day transfer limit.
  • Tier 3 — Full KYC (Government ID + Selfie + Proof of Address): $25,000/day deposit; $10,000 withdrawal limit; $15,000/day transfer limit.

3.3 Enhanced Due Diligence (EDD)

PesaNet applies Enhanced Due Diligence to:

  • Customers classified as Politically Exposed Persons (PEPs)
  • Transactions involving high-risk jurisdictions (FATF grey or black list countries)
  • Customers seeking transaction limits above $25,000/month
  • Customers flagged by automated risk scoring as high risk
  • Agents whose float transactions show anomalous patterns

EDD measures include collecting source of funds/wealth documentation, enhanced ongoing monitoring, and senior management approval for account continuation.

3.4 Business Customer Onboarding

PesaNet Agents (business entities) must provide:

  • Certificate of Incorporation or equivalent registration document
  • Beneficial ownership information for all individuals owning ≥ 25%
  • Government ID and biometric verification of the controlling person
  • Proof of business address
  • Tax ID (EIN for US entities)

4. Sanctions Screening

PesaNet screens all customers against the OFAC SDN List (Specially Designated Nationals),EU Consolidated Sanctions List, and UN Security Council Sanctions List using automated fuzzy name matching. Lists are refreshed daily. PEP screening and HM Treasury UK list integration are planned.

Screening occurs at onboarding and on an ongoing periodic basis against updated watchlists. Matched accounts are immediately frozen pending compliance review. True matches result in account closure and OFAC reporting.

5. Transaction Monitoring

5.1 Automated Monitoring

PesaNet's transaction monitoring system evaluates every transaction in real time using rule-based detection. Monitoring scenarios include but are not limited to:

  • Structuring detection with four automated pattern types — implemented
  • High-velocity transaction detection — implemented
  • Rapid succession detection — implemented
  • Unusual amount detection — implemented
  • New device combined with large transaction — implemented
  • Geographic anomalies: transactions from high-risk locations — planned
  • Round-trip transactions: funds sent and returned with no legitimate business purpose — planned
  • Dormant account reactivation with immediate high-value activity — planned

5.2 Investigative Process

Flagged transactions are reviewed by our compliance team within 24 hours. During review, the account may be temporarily restricted. Investigators apply a risk-based approach to determine whether the activity is suspicious, explainable, or requires escalation to SAR filing.

6. Suspicious Activity Reporting (SAR)

PesaNet files Suspicious Activity Reports with FinCEN via the BSA E-Filing System when we know, suspect, or have reason to suspect that a transaction:

  • Involves funds derived from illegal activity
  • Is designed to evade BSA reporting requirements
  • Has no lawful purpose and lacks a reasonable explanation
  • Involves the use of PesaNet to facilitate criminal activity

PesaNet's SAR management system supports the full lifecycle: draft creation, compliance officer review, approval, and electronic filing via the FinCEN BSA E-Filing System. SARs are filed within 30 days of detection (60 days if no suspect is identified). We maintain SAR-related records for 5 years per 31 C.F.R. § 1022.320. We do not "tip off" subjects of SAR filings.

7. Currency Transaction Reports (CTR)

PesaNet's automated system scans completed transactions daily and auto-generates CTR records for any user whose daily aggregate exceeds $10,000. Filing deadlines are tracked and overdue reports are flagged. CTRs are filed within 15 calendar days of the transaction. PesaNet maintains CTR records for 5 years.

8. Record Keeping

PesaNet maintains the following records per BSA requirements:

  • Customer identification documents: 5 years after account closure
  • Transaction records (all): 5 years from transaction date
  • SAR records: 5 years from filing date
  • CTR records: 5 years from filing date
  • OFAC screening records: 5 years
  • Training records: 5 years

9. Agent Compliance

All PesaNet Agents must:

  • Complete AML/KYC training before activation
  • Verify customer identity using PesaNet's prescribed process for all cash transactions
  • Report suspicious activity to PesaNet's Compliance team immediately
  • Comply with all applicable local money services regulations
  • Maintain transaction records accessible to PesaNet on request

Agents found to have facilitated money laundering or violated AML obligations will be immediately terminated and reported to relevant authorities.

10. Policy Review

This AML/KYC Policy is reviewed at least annually by the Compliance Officer and updated to reflect changes in applicable law, regulatory guidance, and emerging typologies. Material changes are reported to the Board.

11. Contact the Compliance Team