← Back to home

Anti-Money Laundering and Counter-Terrorist Financing (AML/CFT) Policy

91 Payments Limited

1. Introduction and Regulatory Commitment

91 Payments Limited ("91 Payments", "we", "our", or "us") is a Canadian Money Services Business (MSB) operating within a highly regulated financial environment. We recognize that MSBs are particularly vulnerable to misuse for money laundering, terrorist financing, sanctions evasion, and other forms of financial crime due to the speed, cross-border nature, and liquidity of financial transactions they facilitate.

Accordingly, we have implemented a comprehensive, enterprise-wide Anti-Money Laundering and Counter-Terrorist Financing (AML/CFT) framework designed to detect, deter, and prevent illicit financial activity. Our AML/CFT framework is built on internationally recognized standards, including the Financial Action Task Force (FATF) Recommendations, and is fully aligned with Canadian statutory obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act ("PCMLTFA") and associated regulations.

We also comply with regulatory expectations issued by the Financial Transactions and Reports Analysis Centre of Canada, which serves as Canada's financial intelligence unit responsible for monitoring compliance within the MSB sector.

This Policy establishes binding principles, procedures, and governance mechanisms that govern how 91 Payments Limited identifies, assesses, mitigates, and reports AML/CFT risks across all operations.

2. Purpose, Objectives and Strategic Intent

The purpose of this AML/CFT Policy is to establish a comprehensive compliance architecture that ensures the Company is not knowingly or unknowingly used as a channel for illicit financial activity.

The key objectives include:

  • Establishing a robust framework for the identification and mitigation of money laundering and terrorist financing risks across all business lines
  • Ensuring full compliance with Canadian regulatory obligations, including reporting, record-keeping, and customer due diligence requirements
  • Protecting the integrity, reputation, and operational continuity of 91 Payments Limited
  • Supporting law enforcement and regulatory authorities in detecting and preventing financial crime
  • Embedding a culture of compliance, accountability, and ethical financial conduct throughout the organization
  • Ensuring that risk-based controls are consistently applied across all customers, products, services, and jurisdictions

This Policy is not a static document; it forms part of a dynamic compliance ecosystem that evolves in response to regulatory changes, emerging threats, and evolving typologies of financial crime.

3. Scope of Application and Coverage

This AML/CFT Policy applies universally to all aspects of 91 Payments Limited's operations, including but not limited to:

  • All individual and corporate customers, including beneficial owners, directors, and authorized signatories
  • All financial products and services, including domestic and cross-border payments, foreign exchange services, and digital financial solutions
  • All distribution channels, including online platforms, APIs, mobile applications, and third-party integrations
  • All employees, officers, directors, contractors, agents, and representatives of the Company
  • All business partners, affiliates, intermediaries, and service providers involved in facilitating financial transactions

This Policy applies at every stage of the customer lifecycle, including onboarding, account maintenance, transaction processing, monitoring, and termination of business relationships.

4. Regulatory Framework and Legal Obligations

91 Payments Limited operates under a strict regulatory regime and fully complies with all applicable AML/CFT laws and guidance, including:

  • The PCMLTFA and its supporting regulations, which define the obligations of Money Services Businesses in Canada
  • Mandatory reporting and compliance requirements issued by Financial Transactions and Reports Analysis Centre of Canada
  • Canadian sanctions legislation, including restrictions on designated individuals, entities, and jurisdictions
  • International AML/CFT standards established by the Financial Action Task Force (FATF)
  • Applicable privacy laws, including the Personal Information Protection and Electronic Documents Act, which govern the handling of personal information collected for compliance purposes

We continuously monitor regulatory developments and update internal controls to ensure ongoing compliance with evolving legal expectations.

5. Enterprise AML/CFT Compliance Program

91 Payments Limited maintains a structured AML/CFT compliance program consisting of interconnected operational and governance components designed to ensure regulatory compliance and effective risk management.

5.1 Governance and Oversight

The AML/CFT program is overseen by senior management and governed through a formal compliance structure that ensures accountability, independence, and escalation mechanisms for high-risk matters.

5.2 Compliance Officer Function

A designated Compliance Officer is responsible for the overall implementation, monitoring, and continuous improvement of the AML/CFT framework, including reporting obligations to FINTRAC and internal governance reporting.

5.3 Written Policies and Procedures

We maintain detailed and regularly updated policies that define operational processes for customer onboarding, due diligence, transaction monitoring, reporting, and record retention.

5.4 Training and Awareness

Employees are required to undergo structured AML/CFT training programs designed to ensure awareness of regulatory obligations, red flags, escalation procedures, and internal controls.

5.5 Independent Review

The AML/CFT program is subject to periodic independent review to assess effectiveness, identify weaknesses, and ensure alignment with regulatory expectations.

6. Risk-Based Approach (RBA) and Enterprise Risk Management

91 Payments Limited applies a formalized risk-based approach to AML/CFT compliance, ensuring that higher-risk areas receive enhanced controls and monitoring.

6.1 Risk Identification Framework

We assess risk across four primary dimensions:

  • Customer risk (identity, ownership structure, and behaviour)
  • Geographic risk (jurisdictions of operation, residence, or transaction flow)
  • Product and service risk (payment types, FX exposure, settlement mechanisms)
  • Delivery channel risk (digital onboarding, API integrations, third-party intermediaries)

6.2 Risk Scoring Methodology

Each customer is assigned a dynamic risk rating based on quantitative and qualitative factors such as:

  • Transaction frequency and volume
  • Source of funds transparency
  • Jurisdictional exposure
  • Behavioural consistency

6.3 Risk Mitigation Strategy

Depending on assessed risk level, we implement:

  • Standard Due Diligence (SDD) for low-risk customers
  • Enhanced Due Diligence (EDD) for elevated-risk customers
  • Senior management approval for onboarding high-risk profiles
  • Continuous monitoring intensity adjustments

7. Customer Due Diligence (CDD) and KYC Requirements

91 Payments Limited conducts comprehensive Customer Due Diligence (CDD) procedures in accordance with Canadian regulatory requirements.

7.1 Identity Verification

We verify customer identity using reliable, independent, and verifiable sources such as:

  • Government-issued identification documents
  • Biometric verification systems where applicable
  • Third-party identity verification databases

7.2 Customer Profile Development

We collect and maintain detailed customer profiles including:

  • Legal identity and contact information
  • Occupation or nature of business activities
  • Expected transaction behaviour and volume
  • Purpose and intended use of services

7.3 Beneficial Ownership Identification

For corporate or complex structures, we identify:

  • Individuals with direct or indirect ownership of 25% or more
  • Persons exercising control over the entity
  • Senior management or controlling decision-makers

7.4 Ongoing Customer Due Diligence

Customer information is reviewed periodically to ensure:

  • Accuracy and completeness
  • Alignment with transaction behaviour
  • Updated risk classification where necessary

8. Enhanced Due Diligence (EDD) and High-Risk Controls

Enhanced Due Diligence is applied to customers and transactions that present elevated risk exposure.

8.1 High-Risk Indicators

These include:

  • Politically Exposed Persons (PEPs)
  • Customers from high-risk jurisdictions
  • Complex ownership or trust structures
  • Unusual or large-value transactions

8.2 Enhanced Verification Measures

EDD procedures include:

  • Verification of source of funds and source of wealth
  • Independent corroboration of customer information
  • Detailed transaction purpose analysis
  • Senior management approval prior to onboarding or transaction execution

9. Transaction Monitoring and Behavioural Analytics

We operate continuous monitoring systems designed to identify suspicious or unusual activity in real time and retrospectively.

9.1 Monitoring Objectives

Our monitoring framework is designed to detect:

  • Structuring or layering of transactions
  • Rapid movement of funds across jurisdictions
  • Inconsistent transactional behaviour
  • Unusual transaction velocity or volume

9.2 Monitoring Mechanisms

We utilize:

  • Automated rule-based detection systems
  • Behavioural analytics and anomaly detection models
  • Manual compliance investigations and reviews

9.3 Escalation Framework

All flagged activity is escalated to the Compliance Department for review and potential regulatory reporting.

10. Sanctions Screening and Restricted Transactions

We conduct comprehensive screening against:

  • Canadian sanctions lists
  • United Nations sanctions databases
  • Other internationally recognized watchlists

We prohibit transactions involving:

  • Sanctioned individuals or entities
  • Restricted jurisdictions
  • Entities with known links to financial crime or terrorism

11. Suspicious Transaction Reporting (STR) Obligations

We are legally required to identify and report suspicious transactions to Financial Transactions and Reports Analysis Centre of Canada.

11.1 Suspicious Activity Indicators

These may include:

  • Transactions with no clear economic purpose
  • Attempts to avoid reporting thresholds
  • Inconsistent customer behaviour
  • Complex, unexplained fund movements

11.2 Reporting Procedure

Once identified, suspicious activity is:

  • Documented in detail
  • Investigated internally
  • Reported to FINTRAC in accordance with statutory timelines

12. Record Keeping and Retention Requirements

We maintain comprehensive records including:

  • Customer identification and verification records
  • Transaction histories and supporting documentation
  • Risk assessments and due diligence reports
  • Compliance review logs

Records are retained for a minimum of five (5) years, or longer where required by law or regulatory guidance.

13. Employee Training and Continuous Awareness

All relevant personnel undergo structured AML/CFT training programs covering:

  • Regulatory obligations and legal responsibilities
  • Identification of suspicious activity indicators
  • Internal escalation and reporting procedures
  • Sanctions compliance and risk awareness

Training is refreshed regularly to reflect evolving risks and regulatory updates.

14. Internal Controls and Operational Safeguards

We maintain robust internal controls including:

  • Segregation of duties between compliance and operations
  • Dual authorization for high-risk transactions
  • Audit trails for all system activities
  • Escalation protocols for compliance concerns

15. Independent Review and Program Effectiveness

The AML/CFT program undergoes periodic independent review to assess:

  • Compliance with regulatory obligations
  • Effectiveness of controls
  • Identification of gaps or weaknesses
  • Recommendations for improvement

Findings are reported to senior management and remediation actions are tracked.

16. Prohibited Activities and Risk Restrictions

We strictly prohibit the use of our services for:

  • Money laundering or terrorist financing
  • Fraud or financial deception
  • Sanctions evasion
  • Identity misrepresentation

We reserve the right to:

  • Reject onboarding applications
  • Freeze or suspend accounts
  • Terminate business relationships
  • Report to regulatory authorities

17. Data Protection and Confidentiality

All AML-related data is handled in accordance with the Personal Information Protection and Electronic Documents Act.

Access is strictly limited to authorized personnel and used solely for compliance purposes.

18. Cooperation with Regulators and Law Enforcement

We fully cooperate with:

  • FINTRAC
  • Canadian law enforcement agencies
  • International regulatory bodies where applicable

We respond promptly to lawful requests for information.

19. Policy Maintenance and Review Cycle

This Policy is reviewed:

  • Annually as a minimum requirement
  • Upon regulatory or legislative changes
  • When new financial crime risks emerge

Updates are published as necessary to ensure ongoing compliance.

20. Contact Information

Compliance Officer

91 Payments Limited

1771 Robson Street – 1311

Vancouver, British Columbia, Canada

Email: compliance@91-payments.com

Final Statement

91 Payments Limited remains fully committed to maintaining a strong, proactive, and risk-based AML/CFT framework that meets or exceeds Canadian regulatory expectations and contributes to the global fight against financial crime.

solution

Multi-currency AccountsGlobal Trade FinancingInternational PaymentsCurrency ManagementAPI & IntegrationsWhite-label Solutions

industries

PaymentsInvoicingSettlementsLogisticsSupply

resources

Developer DocsCompliance CenterSecurity & Trust

company

About 91PayContactFAQ

legal

AML / CTF ComplianceCookie PolicyFinancial Risk DisclosurePrivacy PolicyRefund PolicyRegulatory DisclosureTerms of Use

© 2026 91 Payments. All rights reserved.

91 Payments. Registered with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) as a Money Services Business. Registered address: 1771 Robson Street - 1311, Vancouver, BC V6G 3B7, Canada.



91 Payments. Registered with the Financial Crimes Enforcement Network (FinCEN) in the United States as a Money Services Business. Registered address: 30 N Gould St, Ste R, Sheridan, Wyoming 82801, USA.