Anti-Money Laundering (AML) And Counter-Terrorism Financing (CTF) Compliance Policy

Last updated: 1st of November 2025

1. Introduction

AIO SOLUTIONS AG (hereinafter: "AIO", "we", "our" or "us") is committed to preventing money laundering, terrorism financing, and other financial crimes. This Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) Compliance Policy sets out the measures, processes and internal controls we have in place to comply with Swiss law and international best practices.

We take our responsibilities under the Swiss Anti-Money Laundering Act (AMLA), the FINMA Anti-Money Laundering Ordinance (AMLO-FINMA), and applicable regulations very seriously. All clients and employees are expected to cooperate with our compliance efforts.

2. Legal Status

AIO SOLUTIONS AG is affiliated to SO-FIT, a self-regulatory organization (SRO) recognized by the Swiss Financial Market Supervisory Authority (FINMA). As a financial intermediary under Article 2 para. 3 of the AMLA, we are obliged to:

  • Identify and verify the identity of our clients;
  • Determine the beneficial owners of accounts and assets;
  • Monitor business relationships and transactions on an ongoing basis;
  • Report suspicious activities to the Money Laundering Reporting Office Switzerland (MROS).

3. Customer Due Diligence (CDD)

We apply risk-based Customer Due Diligence measures, tailored to the nature and scope of the business relationship. All prospective clients must undergo identity verification (KYC) before using our services.

3.1 Standard Due Diligence

For individuals:

  • Full name, date of birth, nationality
  • Residential address
  • Government-issued ID (passport or national identity card)
  • Proof of address (if applicable)
  • Purpose and nature of the business relationship

For legal entities:

  • Name, legal form, registration number
  • Registered address
  • Beneficial owners (UBOs) with ≥25% ownership or control
  • Company incorporation documents
  • Articles of association
  • Identification of authorized signatories and directors

3.2 Enhanced Due Diligence (EDD)

EDD is required for high-risk clients, including:

  • Politically Exposed Persons (PEPs)
  • Clients from high-risk jurisdictions (FATF grey/black list)
  • Non-face-to-face clients
  • Clients involved in high-value or high-volume transactions
  • Complex corporate structures or trusts

Additional EDD measures include:

  • Independent verification of identity documents
  • Source of funds and source of wealth analysis
  • Senior management approval for the business relationship
  • Continuous monitoring of transactions

3.3 Ongoing Due Diligence

We continuously monitor business relationships to:

  • Ensure transactions are consistent with the client's profile;
  • Detect unusual or suspicious activity;
  • Update KYC documentation periodically (at least every 3 years).

4. Risk Classification and Screening

All clients are assigned a risk rating (low, medium, high) based on:

  • Client type (individual, corporate, partnership);
  • Country of residence and jurisdiction risk;
  • Nature and purpose of the business relationship;
  • Expected transaction volume and patterns;
  • Source of funds and wealth.

We conduct automated screening against:

  • International sanctions lists (UN, EU, OFAC, SECO)
  • Politically Exposed Persons (PEPs) databases
  • Adverse media and watchlists

Screening is performed at onboarding and on an ongoing basis.

5. Transaction Monitoring

We monitor all transactions and client behavior to detect suspicious patterns, including:

  • Structuring or splitting transactions to avoid reporting thresholds;
  • Transactions inconsistent with the client's declared activity;
  • High-volume or high-value transfers without clear business rationale;
  • Transactions to or from high-risk countries;
  • Unusual account activity (e.g., dormant accounts suddenly active).

Alerts are reviewed by our compliance team, and suspicious activity is escalated internally for investigation.

6. Suspicious Activity and Reporting

If we have reasonable grounds to suspect that assets are connected to money laundering, predicate offenses, or terrorism financing, we will:

  • File a Suspicious Activity Report (SAR) with MROS;
  • Freeze the transaction or account (where legally required);
  • Maintain strict confidentiality ("tipping-off" prohibition under AMLA Art. 10a).

We do not inform the client if a SAR has been filed.

7. Business Refusals and Termination

We reserve the right to refuse or terminate a business relationship if:

  • The client fails to provide required KYC documentation;
  • The client is subject to sanctions;
  • We cannot verify the source of funds or beneficial ownership;
  • The client engages in prohibited activities (see Acceptable Use Policy);
  • We detect suspicious or illegal activity.

In such cases, we may report the matter to MROS and SO-FIT.

8. Staff Training and Governance

All employees with client-facing or compliance responsibilities receive regular AML/CFT training, covering:

  • Swiss AML legislation (AMLA, AMLO-FINMA);
  • Detection of suspicious activity;
  • Internal reporting procedures;
  • Data protection and confidentiality.

Our Compliance Officer oversees the implementation and enforcement of this policy and reports directly to senior management.

9. Recordkeeping and Data Security

We retain all AML/CFT-related records for a minimum of 10 years following the end of the business relationship, including:

  • KYC documents and identification data;
  • Transaction records and correspondence;
  • Risk assessments and screening results;
  • SARs and internal investigation reports.

All data is stored securely in accordance with Swiss data protection law.

10. Third Parties and Outsourcing

Where we engage third-party service providers for KYC, screening, or transaction monitoring, we ensure:

  • They meet Swiss and international AML/CFT standards;
  • Contracts include data protection and confidentiality clauses;
  • We retain ultimate responsibility for compliance.

11. Contact and Reporting

For questions regarding our AML/CFT procedures, or to report suspicious activity internally, contact:

Compliance Officer
compliance@aio.net
AIO SOLUTIONS AG
Rue du Mont-Blanc 11, 1201 Geneva, Switzerland

12. Final Notes

This policy is reviewed annually and updated as necessary to reflect changes in legislation, regulation, or business operations. Clients are expected to comply with all reasonable requests for information and documentation in support of our AML/CFT obligations.

Failure to cooperate may result in the suspension or termination of services.