AML/CFT Policy - Polapine Digital

Our Role as a Technology Provider

Polapine Digital operates as a payment orchestration SaaS (Software as a Service) platform - a technology provider that routes transactions to third-party payment processors. We do not directly process payments, hold customer funds, or act as a financial institution. Know Your Customer (KYC) obligations for end merchants are fulfilled by the respective merchant account providers (payment gateways and acquiring banks) who onboard and verify merchants according to their own compliance programs.

1. Introduction & Scope

This Anti-Money Laundering and Counter-Terrorism Financing (AML/CFT) Policy outlines Polapine Digital's commitment to preventing the use of our payment orchestration platform for money laundering, terrorist financing, or other financial crimes.

As a technology provider offering SaaS-based payment routing software, our role in the payment ecosystem differs from that of traditional financial institutions or payment processors. This policy reflects our position as a technology intermediary while demonstrating our commitment to responsible operations.

2. Our Position in the Payment Chain

Understanding our role is essential to understanding our AML/CFT obligations:

Polapine Digital provides the technology layer that routes payment transactions between merchants and payment gateways. We are a SaaS technology provider.
Payment Gateway Providers (Stripe, PayPal, Adyen, etc.) are the regulated entities that process actual payments. They perform KYC on their onboarded merchants according to their regulatory requirements.
Acquiring Banks provide merchant accounts and bear the primary regulatory responsibility for merchant due diligence and transaction monitoring.
Merchants are the businesses using our platform to route their payment transactions. Their KYC verification is completed by their respective payment gateway/acquiring bank.

Because we are a technology provider and do not directly process payments, hold funds (beyond operational balances), or establish banking relationships with end customers, the traditional KYC requirements applicable to financial institutions and payment processors do not directly apply to our SaaS platform. The responsibility for merchant onboarding KYC lies with the payment gateway providers who have direct contractual and regulatory relationships with the merchants they serve.

All regulatory liability and compliance obligations related to payment processing, anti-money laundering enforcement, customer due diligence, transaction monitoring for regulatory reporting purposes, and Suspicious Activity Report (SAR) filing rest exclusively with the licensed payment gateway providers and acquiring banks. Polapine Digital bears no liability for any regulatory non-compliance, fines, or penalties arising from the payment processing activities conducted by gateway providers connected to our Platform.

3. Our AML/CFT Commitments

Despite not being a regulated financial institution, Polapine Digital is committed to:

Preventing the use of our platform for money laundering or terrorist financing purposes
Cooperating with law enforcement and regulatory authorities when required
Implementing reasonable measures to detect suspicious activity within our platform
Maintaining records of transactions routed through our system
Refusing service to individuals or entities on international sanctions lists
Training our team on AML/CFT awareness and red flag indicators

4. Risk-Based Approach

We adopt a risk-based approach to AML/CFT that is proportionate to our role as a technology provider:

4.1 Platform-Level Controls

Transaction monitoring for unusual patterns (velocity, amounts, frequency)
Automated flagging of transactions exceeding defined thresholds
Monitoring for rapid account creation patterns
Detection of transaction structuring (smurfing) attempts
IP-based risk scoring and geographic analysis

4.2 Merchant Screening

Review of merchant business descriptions and website content
Screening against publicly available sanctions lists (OFAC, EU, UN)
Monitoring merchant chargeback ratios and dispute patterns
Assessment of business category risk levels
Investigation of reported suspicious activity

4.3 Reliance on Gateway Providers & Liability Allocation

We rely on our integrated payment gateway providers to fulfill regulatory compliance obligations. The following responsibilities and associated liabilities rest exclusively with the payment gateway providers:

Performing comprehensive KYC/KYB (Know Your Business) on merchants they onboard - all liability for inadequate merchant verification rests with the gateway provider
Conducting ongoing due diligence, enhanced due diligence, and transaction monitoring - the gateway provider bears full liability for compliance failures
Filing Suspicious Activity Reports (SARs) with relevant authorities - the gateway provider is solely liable for reporting failures
Complying with their jurisdictional AML/CFT regulatory requirements - all regulatory fines and penalties are the responsibility of the gateway provider
Maintaining appropriate licensing for payment processing activities - the gateway provider bears liability for operating without proper authorization
Ensuring compliance with sanctions screening at the transaction level - the gateway provider is liable for processing sanctioned transactions

Polapine Digital shall not be held liable for any AML/CFT compliance failures, regulatory penalties, or enforcement actions arising from the payment processing activities of connected gateway providers.

5. KYC Position Statement

Polapine Digital does not perform traditional KYC (identity verification, document collection, proof of address) on merchants using our SaaS platform because:

We are a technology provider, not a financial institution or money transmitter
We do not directly process payments - we route them to licensed processors
KYC obligations legally rest with the payment processors and acquiring banks who onboard merchants
Each payment gateway connected to our platform has its own comprehensive KYC/KYB program that merchants must complete before processing transactions
Duplicating KYC at the orchestration layer would create unnecessary friction without adding meaningful compliance value, as the regulated entities already perform this function

Merchants connecting their own API keys (BYOK) have already been verified by their respective payment providers. Merchants using our infrastructure are subject to the KYC requirements of the gateways we route their transactions through.

6. Suspicious Activity Detection

We monitor for and investigate the following red flags:

Unusual transaction volumes inconsistent with the merchant's stated business
Rapid increase in transaction values without clear business justification
Patterns of transactions just below reporting thresholds
Multiple accounts linked to the same individual or entity
Transactions involving high-risk jurisdictions
Excessive chargebacks or refund patterns suggesting fraudulent activity
Attempts to use the platform for transactions not matching the stated business type
Transactions with no apparent economic purpose

7. Sanctions Compliance

Polapine Digital is committed to complying with applicable economic sanctions:

We screen against OFAC (U.S. Office of Foreign Assets Control) sanctions lists
We screen against EU and UN consolidated sanctions lists
We do not knowingly provide services to sanctioned individuals, entities, or countries
We block or restrict access from comprehensively sanctioned jurisdictions
Positive matches result in immediate account suspension and investigation

8. Record Keeping

We maintain records of:

All transactions routed through our platform (amounts, dates, parties, gateways)
Account registration information
Suspicious activity investigations and outcomes
Communications related to compliance inquiries
Platform access logs and security events

Records are retained for the period required by applicable regulations and for a minimum of 5 years after account closure or transaction date.

9. Cooperation with Authorities

Polapine Digital will:

Respond to valid legal requests (subpoenas, court orders, regulatory inquiries)
Cooperate with law enforcement investigations
Report suspected criminal activity to appropriate authorities
Freeze or restrict accounts when required by law
Provide transaction records and account information as legally required

10. Account Suspension & Termination

We reserve the right to immediately suspend or terminate accounts when:

Suspicious activity is detected that suggests money laundering or terrorist financing
A merchant is found on a sanctions list
Law enforcement requests account restriction
Transaction patterns indicate potential financial crime
A merchant is found to be operating a prohibited business type

11. Training & Awareness

Our team receives training on:

Recognition of money laundering and terrorist financing indicators
Sanctions compliance obligations
Suspicious activity identification and escalation procedures
Platform-specific risk indicators and patterns
Updates to relevant regulations and industry best practices

12. Policy Review

This AML/CFT Policy is reviewed and updated periodically to reflect changes in regulations, industry standards, and our operational practices. We are committed to maintaining compliance standards appropriate to our role as a technology provider in the payment ecosystem.

13. Contact Us

For questions about this AML/CFT Policy or to report suspicious activity, please contact us:

Email: support@pd.cash
Website: pd.cash