Licensed Virtual Asset Service Provider (VASP) — Poland | KRS: 0001142506

AML / KYC Policy

Last updated: 2025-11-18

1. Company Information & Regulatory Status

Company name:
COINEXUS Spółka z ograniczoną odpowiedzialnością ("COINEXUS Sp. z o.o.")

Legal form:
Limited Liability Company

KRS number: 0001142506
NIP (Tax ID): 7252350358
REGON: 540348512

Registered office:
Juliana Tuwima 48, unit 11,
90-021 Łódź, Poland

1.1 Company Details

COINEXUS Sp. z o.o. is a regulated Virtual Asset Service Provider (VASP) company, incorporated under the laws of the Republic of Poland with Company number 0001142506.

1.2 Regulated Status

The Company is registered as a Virtual Asset Service Provider (VASP) in Poland.

The VASP license/registration number is RDWW-1750.

1.3 Supervisory Authority (FIU – GIIF / GIFI)

As a VASP in Poland, the Company is supervised by the Polish Financial Intelligence Unit:

Generalny Inspektor Informacji Finansowej ("GIIF")
(EN: General Inspector of Financial Information "GIFI")

Address: Świętokrzyska 12, 00-916 Warsaw, Poland
Phone: +48 (22) 694-59-70, +48 (22) 694-30-60
Email: sekretariat.IF@mf.gov.pl

GIIF is Poland's Financial Intelligence Unit ("FIU") and the primary authority responsible for AML/CFT supervision and enforcement.

1.4 Identification (KYC) Policy

The Company applies Know Your Customer (KYC) procedures to all clients before any transaction is processed.

The following steps are required:

  1. Collection of valid government-issued ID (passport or national ID).
  2. Proof of address not older than 3 months (e.g., utility bill or bank statement).
  3. Screening against sanctions and PEP lists via Allpass.ai.
  4. Verification of Source of Wealth when applicable.

No transactions are allowed before successful verification.

Authorized by: Mohamed Oussema Sassi

Position: Co-Founder, Executive Director & MLRO

2. Purpose of the Policy

This Policy outlines the principles and procedures applied by COINEXUS Sp. z o.o. ("Coinexus", the "Company") to prevent money laundering, terrorist financing, fraud, and other illegal financial activity.

It ensures that the Company:

  • Complies with applicable AML/CFT laws and regulations;
  • Conducts adequate customer due diligence;
  • Monitors transactions and client activity;
  • Reports suspicious activity to GIIF and other competent authorities, where required.

3. Scope

This Policy applies to:

  • All Coinexus clients;
  • All OTC settlement transactions (crypto-to-fiat and fiat-to-crypto);
  • All employees involved in onboarding, compliance, risk, operations, or client servicing;
  • Third-party service providers engaged in KYC/AML or screening activities on behalf of the Company.

4. Regulatory Framework

Coinexus complies with, among others:

  • EU Anti-Money Laundering Directives (including 5AMLD and 6AMLD);
  • The Polish AML Act and related regulations;
  • Requirements and guidelines issued by GIIF;
  • International sanctions regimes (UN, EU, OFAC and others, where relevant).

5. Client Due Diligence (CDD)

The Company applies a risk-based approach to Client Due Diligence. This means the level of checks and monitoring depends on the client's risk profile.

CDD includes, at minimum:

  • Identification and verification of the client's identity;
  • Identification and verification of beneficial owners (where applicable);
  • Sanctions and PEP screening;
  • Assessment of the client's risk profile;
  • Ongoing monitoring of the business relationship.

Enhanced Due Diligence (EDD) measures are applied to high-risk clients, high-risk jurisdictions, or high-risk products/services.

6. Risk-Based Approach (RBA)

The Company evaluates the risk of money laundering and terrorist financing based on:

  • Jurisdiction and geographic risk;
  • Client type (e.g., corporate, professional, individual, high net-worth);
  • Nature and purpose of the business relationship;
  • Expected transaction volume and frequency;
  • Source of funds and Source of Wealth;
  • Sanctions and PEP exposure.

Clients and activities assessed as high-risk are subject to stricter CDD/EDD, enhanced monitoring and, where appropriate, restrictions or refusal of service.

7. Prohibited Activities

The Company strictly prohibits the use of its services for:

  • Money laundering or terrorist financing;
  • Fraud, tax evasion or other financial crimes;
  • Activities linked to the darknet or illicit marketplaces;
  • Use of mixing, tumbling, or other anonymity-enhancing services for funds;
  • Unlicensed online gambling activities;
  • Shell-banking and fictitious or fraudulent identities;
  • Third-party beneficiary payments that do not match the verified client;
  • Any activity in breach of EU, Polish, or international regulations.

Suspicious transactions and activities are reviewed and, where required, reported to GIIF or other competent authorities.

8. Transaction Rules

To reduce the risk of misuse of its services, Coinexus applies the following transactional rules:

  • All fiat transfers must be executed to and from bank accounts held in the client's own name;
  • The Company does not accept or process cash;
  • The Company does not provide custody or wallet services for clients' funds;
  • The Company does not operate a trading platform or offer leveraged or speculative products;
  • Transactions that do not align with the documented client profile or Source of Wealth may be delayed, reviewed, or rejected.

9. Data Protection & Record-Keeping

The Company maintains all AML/KYC records in accordance with applicable laws, including:

  • Retaining KYC and transaction data for at least 5 years from the end of the business relationship or from the date of an occasional transaction, as required by law;
  • Ensuring that personal data is processed in line with GDPR and relevant privacy regulations;
  • Deleting or anonymizing data securely once retention periods expire, unless further retention is legally justified;
  • Restricting access to AML/KYC data to authorized personnel only.

10. Sanctions & PEP Screening

All clients and, where applicable, beneficial owners are screened against:

  • United Nations sanctions lists;
  • European Union sanctions lists;
  • OFAC and other relevant sanctions lists;
  • Politically Exposed Person (PEP) databases.

The Company uses Allpass.ai and other specialized tools to perform sanctions and PEP screening both at onboarding and on a periodic/ongoing basis for active clients.

11. Reporting Obligations

The Company is committed to fulfilling its reporting obligations, which may include:

  • Filing Suspicious Activity Reports (SARs) or equivalent reports with GIIF;
  • Reporting certain threshold or unusual transactions, where required;
  • Cooperating with law enforcement agencies and competent authorities;
  • Providing relevant documentation and information to regulators upon lawful request.

Coinexus does not inform clients when a SAR or similar report has been filed, where such disclosure would be prohibited ("tipping-off" rules).

12. Training & Internal Controls

The Company ensures that employees involved in AML/CTF-relevant functions receive regular training on:

  • AML/CFT legal and regulatory requirements;
  • Internal AML/CTF procedures and guidelines;
  • Identification of red flags and suspicious behavior;
  • Sanctions compliance and screening procedures;
  • Information security and confidentiality.

Internal controls and procedures are reviewed periodically to maintain effectiveness and alignment with regulatory expectations.

13. Independent Audits

AML/CTF measures and internal controls may be subject to:

  • Internal audits;
  • External audits or independent compliance assessments;
  • Reviews or inspections carried out by GIIF or other competent authorities.

Where deficiencies are identified, the Company implements corrective measures within a reasonable timeframe.

14. Policy Updates

This Policy may be updated to reflect:

  • Changes in applicable laws and regulations;
  • New or updated guidance from GIIF or other regulators;
  • Internal risk assessments and business model changes;
  • Industry best practices in AML/CFT.

The current version of this Policy is made available on the Company's website.

15. Contact Information

For any questions or concerns related to this AML/KYC Policy or AML/CTF matters, please contact:

Email: compliance@coinexus.vip

End of Policy

© 2025 Coinexus. All rights reserved.

COINEXUS Sp. z o.o. — KRS 0001142506 | NIP 7252350358 | REGON 540348512

Registered office: Juliana Tuwima 48, unit 11, 90-021 Łódź, Poland

Licensed Virtual Asset Service Provider (VASP) — License number RDWW-1750

Supervised by the Polish Financial Intelligence Unit (GIIF)

We use only essential cookies required for site functionality. By using our site, you agree to this.

    Made with Emergent