Anti-Money Laundering Policy - ISO - SEC - HELLENIC DEPARTMENT

This Anti-Money Laundering Policy is designed for our low-risk firm, because we wish to put in place a general policy in order to make our employees and external partners to be aware of money laundering, prevent money laundering taking place within or via ISO-SEC and what to do should any money laundering activity be suspected.

Money Laundering is the process of moving illegally acquired cash through financial systems so that it appears to come from a legitimate source.

Criminals will try to conceal the origin and true ownership of the proceeds of their activities in order to turn the money from “dirty” to “clean”. It is therefore important that ISO-SEC and our other business activities of our Group, to have procedures and policies in place to identify and prevent money laundering within our Group.

Even if ISO-SEC it is a Swiss Organization, we believe that the rules, laws and regulations of the UK, can provide you a good guide, as the same procedures and criminal offenses exists globally.

There are three main pieces of legislation that people of our Group needs to be aware of:

• The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 POCA applies to everyone but certain issues related to money laundering only apply to those engaged in activities in the “regulated sector”.

The ISO-SEC is a Swiss registered company providing mainly educational services. The business of the ISO-SEC is low risk in relation to money laundering, however in order to prevent any of our services being used (or potentially used) for any money laundering activity, as well as any of our staff being exposed to money laundering, we wish to put in place the following anti-money laundering policy.

The broad definition of money laundering means that potentially anyone could commit a money laundering offence, this includes all our employees, all temporary staff and outsourcing contractors.

Our policy is to enable the Company to meet its legal and regulatory requirements in a way which is proportionate to the low risk nature of our business (we aren’t a Bank, but we still receive and transfer money), by taking reasonable steps to minimize the likelihood of money laundering occurring.

All employees all temporary staff and outsourcing contractors, must be familiar with their legal responsibilities and failure to comply with this Policy may lead to disciplinary action and criminal penalties.

The Proceeds of Crime Act 2002 (POCA) consolidated, updated and reformed criminal law with regard to money laundering (for more about it, you can visit https://www.legislation.gov.uk/ukpga/2002/29/contents).

Money laundering can be defined as the process to move illegally acquired cash through financial systems so that it appears to be from a legitimate source. Money laundering offences include: concealing, disguising, converting, transferring criminal property or removing it from the UK (Section 327 POCA https://www.legislation.gov.uk/ukpga/2002/29/part/7); entering into or becoming concerned in an arrangement which you know or suspect facilitates the acquisition, retention, use or control of criminal property by or on behalf of another person (Section 328 POCA); and acquiring, using or possessing criminal property (Section 329 POCA).

There are also several secondary offences, failure to disclose knowledge or suspicion of money laundering to the Money Laundering Reporting Officer

(MLRO); failure by the MLRO to disclose knowledge or suspicion of money laundering to the National Crime Agency; and ‘tipping off’ whereby somebody informs a person or persons who are, or who are suspected of being involved in money laundering, in such a way as to reduce the likelihood of their being investigated or prejudicing an investigation.

Any member of staff could potentially be caught by the money laundering provisions, if they suspect money laundering and either become involved with it in some way, and/or do nothing about it. This Policy sets out how any concerns should be raised.

With few words, if the MLRO of ISO-SEC finds out that someone probably he/she is attempting to make money laundering, MLRO must collect the evidences and report it to the Police, WITHOUT to inform the possible suspect, because if he does so, he can face criminal charges with 5 years imprisonment, because by informing the suspect/s he did what the law calls: “tipping off”.

By this said, the President of ISO-SEC informs that MLRO will inform the Police without to inform anyone!! Without to inform even the President.

The Company will appoint a MLRO to receive disclosures about money laundering activity and be responsible for anti-money laundering activity within the Company. The officer nominated to do this is the President, until an MLRO is hired.

The MLRO will ensure that appropriate training and awareness is provided to new and existing employees/temporary staff/contractors and that this is reviewed and updated as required.

By uploading the document, you read now, our MLRO makes the first step to educate staff and partners and provide them situational awareness.

The MLRO will ensure that appropriate anti-money processes are incorporated by the Company.

All employees/temporary staff/contractors must immediately report any suspicious activity to the MLRO, by using the form below, as set out in this policy document.

Once the matter has been reported to the MLRO, the employee/temporary staff/contractor must follow the directions given to him/her and must NOT make any further enquiry into the matter.

The employee/temporary staff/contractor must NOT voice any suspicions to the person(s) whom they suspect of money laundering, as this may result in the commission of the offence of “tipping off” (reminder: 5 years imprisonment is the penalty for tipping off). They must NOT discuss the matter with others or note on the file that a report has been made to the MLRO in case this results in the suspect becoming aware of the situation.

Partner of the suspect can be also an employee/temporary/staff/contractor. So, DO NOT talk to anyone!! Just use the form below and report. That’s all.

Once the MLRO has received the report, it must be evaluated in a prompt/timely manner in order to determine whether:

• There is actual or suspected money laundering taking place; or

• There are reasonable grounds to know or suspect that this is the case; and

• Whether the MLRO needs to lodge a Suspicious Activity Report (SAR) with Swiss Law Enforcement Agencies.

Where the MLRO concludes that there are no reasonable grounds to suspect money laundering then consent will be given for any on-going or imminent transaction(s) to proceed.

Where consent is required from the NCA for a transaction to proceed, then the transaction(s) in question must not be undertaken or completed until the NCA has given specific consent, or there is deemed consent through the expiration of the relevant time limits without objection from the NCA.

All disclosure reports referred to the MLRO and reports made to the NCA will be retained by the MLRO in a confidential file kept for that purpose, for a minimum of five (5) years.

The MLRO must also consider whether additional notifications and reports to other relevant enforcement agencies should be made.

Due diligence is performed on all customers/students/other who must provide basic information including name, address, VAT number, copy of ID card/Passport, and registration details for companies.

With instructions from new customers or customers not known well to ISO-SEC, customers in known high risk industries and/or jurisdictions, transactions that are unusual for the customer or other unusual requests, highly complex transactions or payment arrangements, ISO-SEC may wish to seek additional evidence of identity. This may include:

• checking the organization’s website to confirm the identity of personnel, its business address and any other details;

• attending the customer at their business address;

• searching the telephone directory;

• evidence or the personal identity of the key contact officer (passport, photo, driving license).

Where “relevant business” is carried out then the customer identification evidence and details of the relevant transaction(s) for that customer must be retained for at least five (5) years.