top of page

                                                     ANTI-MONEY LAUNDERING (AML) POLICY


ARTICLE 1 – PREAMBLE AND GENERAL OBJECTIVES

  1. CGPH Banque d’Affaires acknowledges the paramount importance of preventing money laundering and the financing of terrorism as a core element of its broader strategy of integrity, transparency, and compliance with the rule of law. 

  2. This Policy, voluntarily adopted in adherence to the most stringent international standards, is intended to ensure the Institution’s regulatory compliance and to safeguard the integrity of the financial system as a whole. 

  3. It applies to all activities, affiliated entities, personnel, and counterparties of the Institution, regardless of the jurisdiction in which they operate.

 

ARTICLE 2 – SCOPE OF APPLICATION AND REGULATORY SOURCES

  1. This Policy applies to all operational units, subsidiaries and affiliates, employees, external collaborators, consultants, representatives, and business partners of CGPH Banque d’Affaires. 

  2. It is based on the following regulatory sources and guidelines:

    1. Directive (EU) 2018/1673 (commonly referred to as the Sixth Anti-Money Laundering Directive – AMLD6);

    2. The Recommendations of the Financial Action Task Force (FATF);

    3. The Bank Secrecy Act and the USA PATRIOT Act, where applicable;

    4. National legislation in the countries where CGPH operates; and

    5. Global best practices adopted in the banking and financial services industry.

 

ARTICLE 3 – DEFINITIONS

  1. For the purposes of this Policy, the following terms shall have the meanings set forth below:

    1. "Beneficial Owner": the natural person who, ultimately, owns or controls the customer, or on whose behalf a transaction is carried out.

    2. "CDD (Customer Due Diligence)": the process of identifying and verifying the identity of the customer, including analyzing their operations, the source of funds, and assessing the associated risk.

    3. "Ex-post Controls": checks performed after the execution of transactions or the completion of relationships to detect any anomalies not identified during the preventive phase or in real-time, and to monitor compliance with established procedures.

    4. "KYC (Know Your Customer)": the set of informational and documentary activities aimed at gathering, verifying, and updating the personal, financial, and operational data of the customer, in order to understand the customer’s economic and behavioral profile from the establishment of the relationship and throughout its duration.

    5. "Money Laundering": any conduct aimed at substituting or transferring assets derived from criminal activities in order to obscure their identification, illicit origin, location, seizure, or confiscation.

    6. "PEP (Politically Exposed Person)": an individual who holds or has held a prominent public position, as well as their family members and individuals known to be closely associated with them.

    7. "Terrorist Financing": the collection or transfer, by any means, of funds intended to finance terrorist acts or terrorist organizations.

    8. "Sanction Screening": the automated or manual process of checking the names of customers, counterparties, and beneficiaries against official lists of individuals subject to international sanctions, embargoes, or economic restrictions, issued by authorities such as the UN, EU, OFAC, or other competent local authorities.

    9. "Suspicious Transaction": any transaction, financial movement, or customer behavior that, due to its characteristics, size, manner, or frequency, is inconsistent with the declared profile or raises reasonable suspicions regarding its legitimacy, the origin of funds, or the intended purpose, even in the absence of direct proof of illicit activities.

    10. "Suspicious Transaction Reporting Office (SOS)": the internal or external function responsible for analyzing, evaluating, and reporting suspicious transactions to the competent authorities (e.g., UIF), in collaboration with the AML Compliance Officer and in accordance with established protocols.

 

ARTICLE 4 – GOVERNANCE AND ORGANIZATIONAL STRUCTURE

  1. The ultimate responsibility for the implementation of this Policy lies with the Director, who approves its content, promotes its adoption, and monitors its overall effectiveness, ensuring that the organization has adequate resources, effective tools, and appropriate structures to guarantee full regulatory compliance.

  2. The Anti-Money Laundering Compliance Officer (AML Compliance Officer or MLRO – Money Laundering Reporting Officer) is formally appointed by the management body and is responsible for the daily management of the AML system, oversight of internal controls, implementation of prevention policies, analysis of suspicious transactions, regulatory updates, and ongoing staff training.

  3. The AML Compliance Officer has direct access to senior management and the necessary information to perform their role independently and prepares periodic reports on the effectiveness of the AML controls and the progress of monitoring activities.

  4. The Operational AML Contact, where applicable, supports the AML Officer in operational activities and acts as the liaison with the various company functions involved in onboarding, monitoring, and reporting processes.

  5. The Internal Audit function, if present, performs periodic independent checks on the compliance of the procedures adopted and the integrity of the AML system, ensuring that policies and controls are effectively applied, documented, and updated in response to regulatory changes and emerging risk profiles.

  6. The organization adopts an integrated governance model, which includes:

    1. Segregation of operational functions from those of control;

    2. Structured information flows between the AML Officer, company bodies, and the audit function; and

    3. Traceability of all relevant AML activities, including risk assessments, decisions regarding suspicious transactions, and corrective actions taken.

  7. AML training is mandatory for all personnel and must be proportionate to the risk exposure associated with the position held, with periodic updates and checks to ensure the effective understanding of the company policies and relevant regulations.

 

ARTICLE 5 – RISK ASSESSMENT AND RISK-BASED APPROACH

  1. CGPH adopts a risk-based approach to manage its exposure to money laundering and terrorist financing, in accordance with the principles established by international regulations (e.g., FATF, EU Directives IV and V). This approach allows for the tailoring of the intensity of controls and preventive measures based on the actual exposure to risk.

  2. Risk assessments are conducted at least annually, or whenever significant changes occur in the operational or regulatory context. These assessments analyze:

    1. The type of clientele (e.g., PEPs, shell companies, occasional clients);

    2. Geographical location (e.g., high-risk jurisdictions, countries subject to sanctions or blacklisted);

    3. The products and services offered (e.g., anonymous payment instruments, fiduciary services, cryptocurrencies); and

    4. Distribution channels and operational modes (e.g., remote operations, omnibus accounts, use of intermediaries).

  3. The results of these analyses are formalized in specific internal reports, shared with the Director and the control functions, and form the basis for determining the customer risk classification criteria (low, medium, high) and for defining the applicable Customer Due Diligence measures.

  4. Counterparties classified as high-risk are subject to an Enhanced Due Diligence (EDD) regime, which includes:

    1. Extended and in-depth due diligence;

    2. Enhanced and continuous monitoring of transactions; and

    3. The requirement for explicit approval from the Director to establish or continue the business relationship.

 

ARTICLE 6 – CUSTOMER IDENTIFICATION AND VERIFICATION (CDD)

  1. Upon the establishment of a business relationship or the execution of an occasional significant transaction, CGPH is required to identify the customer and, where applicable, the beneficial owner, through the acquisition and verification of both documentary and non-documentary information.

  2. The Customer Due Diligence process includes:

    1. The collection of complete identifying data (e.g., personal details, tax code, address, professional qualifications);

    2. The identification of the beneficial owner where required, including mapping the ownership chain; and

    3. The assessment of consistency between the declared profile and the nature of the planned business activities.

  3. The acquisition of information and documentation regarding the source of the funds used for transactions is always mandatory, and, where relevant, information about the origin of the customer's overall wealth must also be obtained.

  4. The relationship with the customer is subject to continuous monitoring, aimed at detecting anomalies, significant deviations from the expected behavior, or transactions lacking economic or financial justification.

  5. The KYC process is subject to periodic review, with the frequency proportional to the level of risk associated with the customer. Updating the information is mandatory whenever suspicious events occur, significant changes in the profile are noted, or modifications in the provided data are identified.

 

ARTICLE 7 – ENHANCED DUE DILIGENCE (EDD) MEASURES

  1. Customers who present a high-risk profile, according to internal classification criteria or in accordance with the guidance of supervisory authorities, are subject to enhanced due diligence measures.

  2. The EDD measures include, but are not limited to:

    1. Documented personal interviews with the customer or their representatives, aimed at verifying the consistency of the declared profile and exploring the purpose of the business relationship;

    2. Acquisition of additional documentary or evidential elements regarding the source of funds and wealth, with particular attention to untraceable income sources or funds from high-risk countries;

    3. Oversight by second-line control functions, with mandatory review by the AML Compliance Officer and involvement of the Director in more sensitive cases; and

    4. More frequent and systematic reviews of the business relationship, with periodic updates of the collected information and reassessment of the risk level, also for the purposes of continuing the relationship.

 

ARTICLE 8 – MANAGEMENT OF THIRD-PARTY AND INTERMEDIARY RISK

  1. CGPH adopts specific measures for assessing and controlling the risks associated with the use of third parties, intermediaries, agents, and external service providers, to whom due diligence is applied in proportion to the nature of the relationship.

  2. Before establishing any contractual relationship, a preventive due diligence process is carried out to:

    1. Verify the identity and reputation of the party;

    2. Ensure the absence of any criminal background or connections to sanctioned individuals or entities; and

    3. Ensure that the third party complies with equivalent AML/CFT standards.

  3. The continuation of the relationship is subject to adherence to comparable AML policies and practices, formally documented. Counterparties must demonstrate that they have implemented appropriate internal controls and have designated an AML officer.

  4. Contracts with such parties include explicit compliance clauses, which provide for:

    1. The obligation to cooperate with the competent authorities;

    2. The right of audit, access, and verification by CGPH or its designated representatives; and

    3. The possibility of immediate termination in the event of serious or repeated violations of AML provisions.

 

ARTICLE 9 – SANCTION SCREENING AND WATCHLISTS

  1. CGPH adopts an automated and systematic screening system for the names of customers, beneficial owners, and counterparties, aimed at verifying their presence in updated international sanction lists, including, by way of example but not limited to:

    1. Office of Foreign Assets Control (OFAC – U.S. Department of the Treasury);

    2. Council of the European Union (EU Sanctions List);

    3. United Nations Security Council (UN Sanctions List); and

    4. Her Majesty’s Treasury (HMT – UK Sanctions List).

  2. This screening is carried out both during onboarding and periodically throughout the business relationship, with continuous updates of the lists through certified feeds.

  3. In the event of a match (true match), the relationship is immediately subject to precautionary blocking, and an internal investigation is initiated by the AML Compliance Officer, including open-source analysis and thorough documentary verification. If there remain risk factors or regulatory obligations, the matter is promptly reported to the competent authorities, including, where applicable, financial intelligence units and supervisory authorities.

 

ARTICLE 10 – TRANSACTION MONITORING AND SUSPICIOUS ACTIVITY REPORTING (SAR)

  1. CGPH implements an integrated transaction monitoring system that combines advanced technological tools with manual analysis by control functions.

  2. The system is calibrated based on the customer's risk profile and allows for the timely detection of suspicious or inconsistent behavior, including by applying anomaly indicators such as:

    1. Artificial splitting of transactions to circumvent control thresholds or reporting obligations;

    2. Inconsistencies between the volume or nature of the transactions and the declared economic-financial profile; and

    3. Systematic use of offshore accounts, high-risk jurisdictions, or opaque corporate structures, such as trusts or shell companies with no economic substance.

  3. If the Money Laundering Reporting Officer (MLRO) identifies concrete, precise, and consistent elements of suspicion, they will prepare and submit a Suspicious Activity Report (SAR) to the Financial Intelligence Unit (UIF) or other competent authority, in accordance with the applicable regulations.

 

ARTICLE 11 – WHISTLEBLOWING MECHANISMS

  1. CGPH actively promotes a culture of integrity and legality, encouraging staff to report in good faith any suspected behavior or violation of AML/CFT regulations, including potential violations.

  2. Reports can be submitted in writing to the dedicated address legal@cgph.info or through other reserved channels that may be activated, ensuring:

    1. Full confidentiality of the whistleblower's identity;

    2. No retaliation and protection against any form of discrimination or penalization; and

    3. Impartial handling by an independent internal party, with potential involvement of the AML Compliance Officer.

  3. All reports are subject to structured analysis, and if deemed well-founded, will lead to the activation of the investigative and disciplinary measures provided for.

 

ARTICLE 12 – TRAINING AND AWARENESS

  1. CGPH ensures mandatory, systematic, and tailored training for all staff on AML/CFT risks to ensure an adequate level of awareness and operational competence.

  2. Training programs:

    1. Are differentiated based on the company role and the level of exposure to risk;

    2. Include practical modules, exercises, and periodic regulatory updates; and

    3. Are delivered both in-person and via e-learning.

 

ARTICLE 13 – TECHNOLOGY AND SUPPORT SYSTEMS

  1. CGPH uses advanced technological tools to support the entire customer lifecycle and the management of AML/CFT risks. Specifically, the adopted systems include:

    1. Digital onboarding solutions;

    2. Transaction monitoring platforms, with rule engines and machine learning to detect suspicious patterns and behavioral anomalies; and

    3. Automatic screening tools for sanction lists, PEP, and adverse media, with real-time updates.

  2. The IT infrastructure is designed according to cybersecurity-by-design principles, with data protection measures compliant with the General Data Protection Regulation (GDPR), ensuring the integrity, availability, and confidentiality of the information processed.

 

ARTICLE 14 – INTERNAL AUDIT AND PERIODIC REVIEWS

  1. The anti-money laundering and counter-financing of terrorism system adopted by CGPH is subject to independent verification at least once a year by the Internal Audit function, in order to assess its actual effectiveness, adequacy, and compliance with applicable regulations.

  2. Audit activities include:

    1. Reviewing the AML policies, procedures, and controls implemented;

    2. Sampling verification of KYC documentation, SARs submitted, and technological safeguards used; and

    3. Identifying any deficiencies, misalignments, or vulnerabilities, accompanied by operational recommendations.

  3. In case of findings, a remediation plan is prepared with implementation timelines and responsible parties identified. The outcomes of the audit are formally communicated to the Director and form an integral part of the continuous improvement process of the AML system.

 

ARTICLE 15 – DOCUMENT AND DATA RETENTION

  1. CGPH ensures the systematic, secure, and orderly retention of all documentation and data collected in the course of anti-money laundering (AML) and counter-financing of terrorism (CFT) activities. Specifically, the following documents are retained:

    1. Documents related to Customer Due Diligence (CDD), including those of the beneficial owner;

    2. Suspicious Activity Reports (SARs) and related feedback;

    3. Communications with competent authorities; and

    4. Internal audit reports and any other information useful for reconstructing the audit trail of conducted checks.

  2. Such data is retained for a minimum period of five (5) years from the termination of the ongoing relationship or the completion of the occasional transaction. This period may be extended for an additional five (5) years if there are ongoing judicial investigations, explicit requests from authorities, or objective risk-related reasons.

  3. Archiving is managed through protected digital systems, with controlled access, backup procedures, and disaster recovery, in compliance with data protection regulations.

 

ARTICLE 16 – DE-RISKING STRATEGY AND TERMINATION OF RELATIONSHIPS

  1. As part of its risk management strategy, CGPH reserves the right not to establish or to terminate a business relationship if the minimum conditions of transparency, reliability, and cooperation from the client or counterparty are not met.

  2. In particular, de-risking may occur in the presence of:

    1. Unjustified refusal by the client to provide the necessary documentation or information to comply with AML/KYC obligations;

    2. Serious, persistent, and non-mitigable reputational risks, including those arising from indirect involvement with sanctioned parties or illegal activities; and

    3. Counterparties involved in judicial proceedings, international sanctions, prohibitions, or restrictive measures known to CGPH.

  3. Any decision to terminate a relationship is formally motivated, appropriately documented, and subject to final approval by the Director to ensure traceability and proportionality of the measure.

 

ARTICLE 17 – PRIVACY PROTECTION AND DATA SECURITY

  1. The processing of personal data collected within the AML activities by CGPH is carried out in compliance with EU Regulation 2016/679 (GDPR), and any other applicable privacy and cybersecurity regulations.

  2. All data are:

    1. Processed exclusively for the purposes of preventing money laundering and terrorist financing and for fulfilling the related legal obligations;

    2. Collected and retained according to principles of accuracy, relevance, proportionality, and minimization;

    3. Accessible only by authorized, identified, and trained personnel, with traceability of consultation and processing operations.

  3. CGPH adopts appropriate technical and organizational measures to prevent unauthorized access, loss, alteration, or disclosure of data, in line with the principles of confidentiality, integrity, and availability of information.

 

ARTICLE 18 – CONTACTS AND COMMUNICATIONS

  1. For any clarification request, report, or communication related to this AML Policy, compliance measures, or the exercise of rights related to personal data protection, you can contact the CGPH legal and compliance team at the dedicated email address:

    1. legal@cgph.info

  2. This address can also be used for submitting whistleblowing reports, requests for document updates, or information about the adopted AML procedures.

 

ARTICLE 19 – POLICY APPROVAL AND UPDATES

  1. This AML Policy is formally approved by the Director of CGPH, who ensures its consistency with applicable regulations, adherence to international best practices, and functionality in relation to the organization's operational context.

  2. The policy is subject to:

    1. Annual review, based on audit results, regulatory evolution, or internal process adjustments;

    2. Immediate update in case of significant regulatory changes, changes in business activities, or identification of substantial deficiencies; and

    3. Mandatory communication to all involved staff, accompanied, where necessary, by training and awareness sessions.

​Attention: Beware of Fraudulent Activity

​

To ensure your safety, please never make payments to third parties claiming to represent CGPH GROUP

 

 All payments must be made directly to CGPH Group ltd


Always verify that documents, invoices, and communications come directly from us.

 

If you have any doubts about the authenticity of an offer, invoice, or communication, please contact us immediately through our official channels. We are here to support you and verify any information (compliance@cgph.info). Stay safe. Stay informed. 

CGPH Banque d’affaires
Member of  CGPH Group,

6 Place de la Madeleine

75008 Paris, France
RCS Paris 980 746 341

Phone: +33185733371
email: info@cgphbanquedaffaires.com


part of the CGPH Group

bottom of page