PLD-FT policy

MONEY LAUNDERING PREVENTION POLICY 

AND TERRORIST FINANCING (PLD-FT)

‍

SUMMARY

‍

1. CONCEPTS AND ACRONYMS

2. OBJECTIVES

3. SCOPE

4. REFERENCES

5. GOVERNANCE, RESPONSIBILITIES AND ATTRIBUTIONS

6. WEBPEAK PLD-FT PROGRAM

6.1. ABR - Risk-Based Approach

6.2. Internal risk assessment (RIA)

6.3. Monitoring and analysis of suspicious situations

6.4. Identification and Registration Procedures

6.5. Reporting Operations

7. KEEPING RECORDS AND DOCUMENTS

8. FINAL PROVISIONS

‍

‍

1. CONCEPTS AND ACRONYMS

ABR: Risk-Based Approach.

AIR: Internal Risk Assessment.

Directors: individuals who are part of the management, responsible for conducting its strategic affairs.

Final Beneficiary: natural person or natural persons who jointly own, control or significantly influence, directly or indirectly, a client on whose behalf a transaction is being conducted or benefits from it.

Register: an electronic record of the information and identification documents of clients, partners, employees and their legal representatives.

COAF: Council for the Control of Financial Activities.

Collaborators: individuals, partners, employees, trainees, representatives or in any way related to the Company, who occupy or will occupy functions or positions.

UNSC: United Nations Security Council.

CVM: Securities and Exchange Commission.

Terrorist Financing: when someone, directly or indirectly, by any means, provides financial support, supplies or gathers funds with the intention that they will be used or in the knowledge that they will be used, in whole or in part, by terrorist groups to carry out terrorist acts. It is the process of covertly distributing resources to be used in terrorist activities. These funds usually come from the activities of other criminal organizations involved in drug, arms and ammunition trafficking and smuggling, or they can be derived from illicit activities, including donations to "front" charities. The methods used by terrorists to conceal the link between themselves and the sources of their funding are generally similar to those used in money laundering. However, terrorists usually use legally obtained funds in order to reduce the risk of being discovered before the terrorist act.

Supplier: an individual or legal entity, public or private, national or foreign, as well as non-personalized entities, which carry out production, assembly, creation, construction, transformation, import, export, distribution or commercialization of products or services, considered relevant under the terms of ICVM 617/19 and other internal regulations related to the selection, monitoring and contracting of suppliers.

Statutory Functions: all functions, positions or posts in the Company established by law or regulation.

Money laundering: a process that consists of concealing or disguising the nature, origin, location, disposition, movement or ownership of goods, rights or values derived, directly or indirectly, from a criminal offense. This process, through which funds from criminal activities can be introduced into the economic system, involves three independent stages that often occur simultaneously: placement, concealment and integration. It is always a consequent crime, which takes place after another antecedent crime, such as drug trafficking, corruption, illegal trade or arms trafficking, trafficking or sexual exploitation of people, organ trafficking and tax fraud.

Partner: legal entity or natural person with which Webpeak enters into an arrangement, establishing a cooperation agreement to achieve common interests.

Politically Exposed Persons: defined in ICVM 617/19.

PLD-FT: prevention of money laundering and terrorist financing.

Relevant Positions: all Statutory Functions, as well as those directorship, management or other leadership positions held in the various departments and areas of Webpeak.

PLD-FT Program: Webpeak's program, established by this Policy, aimed at combating money laundering and terrorist financing.

Legal representatives: natural persons who act as representatives, agents or proxies for clients, partners and collaborators, by virtue of law or contract.

‍

2. OBJECTIVE

This document aims to establish the Prevention of Money Laundering and Combating the Financing of Terrorism (PLD-FT) Policy in Webpeak's business environment, in order to preserve a good reputation and avoid fines and sanctions from regulatory bodies.

This Policy for the Prevention of Money Laundering and Terrorist Financing ("Policy") of Webpeak ("Company") provides for the guidelines related to the prevention and combat of money laundering and terrorist financing crimes, as provided for in Law No. 9,613/98 and subsequent amendments, as well as in compliance with CVM Instruction No. 617/2019, among other regulations related to the subject.

The main objectives and guidelines of the Policy are:

• Define roles and responsibilities for fulfilling the obligations of this Policy;
• Carrying out an internal assessment of risks, procedures and internal controls, seeking to prevent and detect operations or situations that present atypical characteristics, in order to combat money laundering and terrorist financing crimes, with a view to the company's integrity;
• Define procedures for the evaluation and prior analysis of new products and services, as well as the use of new technologies, in view of the risk of LD-FT;
• Verify compliance with the policy, procedures and internal controls, as well as the identification and correction of deficiencies;
• Establish guidelines, definitions and procedures for identifying, verifying and monitoring clients;
• Establish criteria for identifying, verifying and periodically monitoring suppliers, partners and collaborators;
• Selecting and hiring employees and service providers with a view to the risk of LD-FT;
• Define general guidelines for training on the subject of PLD-FT, aimed mainly, but not only, at the company's employees; and
• Establish conditions and obligations for updating, maintaining and keeping documents related to the planned guidelines.

As for the guidelines for implementing the procedures, they are: (i) collecting, verifying, validating and updating registration information in order to get to know clients, employees, partners and third-party service providers; (ii) registering transactions and financial services; (iii) monitoring, selecting and analyzing suspicious transactions and situations; and (iv) reporting transactions to the Financial Activities Control Board (COAF).

‍

3. SCOPE

This Policy is compatible with risk profiles and applies to all of the Company's clients, employees and partners.

‍

4. REFERENCES

This Policy should be read and interpreted in conjunction with the following documents, among others that may be applicable:

• Law No. 9.613, of March 3, 1998 and subsequent amendments, including Law No. 12.683, of July 9, 2012 (Money Laundering Law);
• Law No. 13.260, of March 16, 2016, which regulates the provisions of item XLIII of art. 5 of the Federal Constitution, disciplining terrorism, dealing with investigative and procedural provisions and reformulating the concept of terrorist organization;
• Law No. 13.810, of March 8, 2019 (UNSC Sanctions Law);
• Law No. 13.974, of January 7, 2020 (COAF Law);
• Law no. 6.385, of December 7, 1976 (Capital Markets Law);
• CVM Instruction 461 of October 23, 2007 (ICVM 461);
• CVM Instruction 617, of December 5, 2019 (ICVM 617);
• Standards issued by COAF;
• Webpeak's Privacy Policy and Terms and Conditions of Use.

‍

5. GOVERNANCE, RESPONSIBILITIES AND ATTRIBUTIONS

Webpeak's governance structure ensures compliance with this policy and its internal procedures and controls. All employees, within the scope of their respective activities and spheres of competence, have roles and responsibilities under the terms of this Policy and Webpeak's PLD-PT Program.

‍

6. WEBPEAK PLD-FT PROGRAM

In compliance with national standards and international guidelines on PLD-FT, Webpeak has established a Program based on the following pillars:

1. ABR - Risk-Based Approach

Webpeak uses a risk-based approach (RBA) in order to identify, analyze, understand and mitigate the LD-FT risks inherent in the activities, products and services it provides.

To this end, the PLD-FT Internal Procedure (IP) must contain the company's detailed ABR, including identification of the products offered by Webpeak, as well as details of the methodology adopted for classifying customers.

Depending on the variables identified in the classification process, customers should be segmented by LD-FT risk - high, medium and low. Detailed internal procedures for classifying, identifying and monitoring customer risks will be provided for in the PLD-FT PI.

‍

2. Internal risk assessment (RIA)

The Financial Action Task Force (FATF) has defined risk categories that make it possible to adopt reinforced management and mitigation controls for the situations, operations and clients with the highest risk, and to adopt simplified controls for those with the lowest risk. 

In order to identify the risk of using products and services in the LD-FT practice, the internal assessment considers risk profiles, such as customers and activities carried out by employees, partners and service providers. Those identified have their probability of occurrence and magnitude of impact - such as financial, legal and reputational - assessed.

‍

3. Monitoring and analysis of suspicious situations

Suspicious situations are those that show signs of the institution being used to commit the crimes of money laundering and/or terrorist financing, such as:

• Transactions carried out and products and services contracted which, considering the parties involved, the amounts, the ways in which they were carried out, the instruments used or the lack of an economic or legal basis, could constitute evidence of LD-FT;
• Operations and situations that may indicate suspicions of terrorist financing.

4. Identification and Registration Procedures

The basic premise of PLD-FT is to monitor Webpeak's activities and relationships with customers, employees and partners.

In order to be able to carry this out, it is necessary to have previously identified and verified these individuals, as well as the risks inherent in dealing with them, which is done by complying with and observing the following procedures:

• Know Your Client (KYC) IP;
• Know Your Employee (KYE) IP;
• PI for Selecting, Hiring and Monitoring Partners.

These IPs contain the main guidelines to be adopted when identifying customers, employees and partners, including actions such as, but not limited to, capturing and consulting public databases on LD-FT risks.

‍

5. Reporting Operations

Once the existence of crimes related to LD-FT is confirmed, the client and the operations will be reported to COAF and/or the securities market regulators. These reports are made in confidence, without the knowledge of those involved or third parties.

In addition, the company ensures that periodic monitoring is carried out to ensure the implementation and adequacy of this Policy, as well as the procedures and internal controls.

‍

7. RECORDS AND DOCUMENTS

Pursuant to article 22, paragraph 2, of ICVM 617/19, all information, documents and reports, among others, dealing with investigations into indications of LD-FT are confidential and must not, under any circumstances, be made available to Clients or third parties, including the party to which the information refers.

‍

8. FINAL PROVISIONS

Exceptions in the handling of situations not provided for in this Policy, when applicable, will be assessed by the directors, who may, in the light of a specific case and observing the specific procedures, authorize any exceptions to the internal procedures provided for herein, provided that they justify their decision, which must, in this case, be unanimous.

These rules shall be reviewed every two years or less as a result of changes to the legislation or regulations applicable to Webpeak or any relevant changes to its business and activities. Such changes will only take effect after approval by the directors.

These rules will come into force once they have been approved and published on Webpeak's website , making them available for consultation by all interested parties.