Anti-Money Laundering Questionnaire

This document is based on the Wolfsberg Group Financial Crime Compliance Questionnaire
(FCCQ) v1.1 of April 2020.

The Wolfsberg Group consists of the following leading international financial institutions: Banco Santander, Bank
of Tokyo-Mitsubishi UFJ, Barclays, Citigroup, Credit Suisse, Deutsche Bank, Goldman Sachs, HSBC, JP
Morgan Chase, Société Générale and UBS, with the aim of developing standards for the financial services industry
and related products for the "Know Your Customer", "Money Laundering" and "Terrorist Financing"
guidelines. Website www.wolfsberg-principles.com/

Company Name

registered office of the company (country)

1. Organization & Ownership Structure

1 Full legal name

2 Append a list of branches which are

covered by this questionnaire

3 Full Legal (Registered) Address

4 Full Primary Business Address (if

different from above)

5 Date of Entity incorporation / establishment

6 Select type of ownership and append

an ownership chart if available

6a Publicly traded Y☐ N☐
(25% of the shares publicly traded)

Attrax Financial Services S.A. • 3, Heienhaff, L-1736 Senningerberg • Postfach 569, L-2015 Luxembourg
Telefon: +352 2640-7010 • E-Mail: [email protected] • Internet: www.attrax.lu
Handels- und Firmenregister: R.C.S. Luxembourg B77836 • USt.-ID Nr. LU 185 328
Vorstand: Thilo Balzer, Thomas Reicke, Oliver Reinki
Aufsichtsratsvorsitzender: Dr. Daniel Günnewig next page| 1
Ein Unternehmen der Union Investment Gruppe
Anti-Money Laundering Questionnaire

6 a1 If Y, indicate the exchange traded on

and ticker symbol

6b Member Owned / Mutual Y☐ N☐

6c Government or State Owned by 25% or Y☐ N☐

more

6d Privately Owned Y☐ N☐

6 d1 If Y, provide details of shareholders or

ultimate beneficial owners with a holding
of 10% or more

7 % of the Entity's total shares

composed of bearer shares

8 Does the Entity, or any of its branches, Y☐ N☐

operate under an Offshore Banking
License (OBL) ?

8a If Y, provide the name of the

relevant branch/es which operate
under an OBL

next page| 2
Anti-Money Laundering Questionnaire

2. AGW, CTF & Sanction Programs

9 Does the Entity have a programme that sets minimum AML, CTF and
Sanctions standards regarding the following components:

9a Appointed Officer with sufficient Y☐ N☐

experience /expertise

9b Cash Reporting Y☐ N☐

9c CDD Y☐ N☐

9d EDD Y☐ N☐

9e Beneficial Ownership Y☐ N☐

9f Independent Testing Y☐ N☐

9g Periodic Review Y☐ N☐

9h Policies and Procedures Y☐ N☐

9i Risk Assessment Y☐ N☐

9j PEP Screening Y☐ N☐

9k Sanctions Y☐ N☐

9l Adverse Information Screening Y☐ N☐

9m Suspicious Activity Reporting/ Y☐ N☐

tax avoidance

9n Training and Education Y☐ N☐

9o Transaction Monitoring Y☐ N☐

10 Is the Entity's AML, CTF & Sanctions

policy approved at least annually by the Y☐ N☐
Board or equivalent Senior
Management Committee?
11 Does the Entity use third parties to
carry out any components of its AML, Y☐ N☐
CTF & Sanctions programme?

11 a If Y, provide further details:

next page| 3
Anti-Money Laundering Questionnaire

3. Anti Bribery & Corruption

12 Has the Entity documented policies and Y☐ N☐

procedures consistent with applicable
ABC regulations and requirements to
[reasonably] prevent, detect and report
bribery and corruption?

13 Does the Entity's internal audit Y☐ N☐

function or other independent third
party cover ABC Policies and
Procedures?

14 Does the Entity provide mandatory ABC

training to:

14 a Board and Senior Committee Management Y☐ N☐

14 b First Line of Defence Y☐ N☐

14 c Second Line of Defence Y☐ N☐

14 d Third Line of Defence Y☐ N☐

14 e Third parties to which specific Y☐ N☐

compliance activities subject to ABC
risk have been outsourced

14 f Non-employed workers as Y☐ N☐
appropriate (contractors /
consultants)

4. Procedures & Guidelines

15 Has the Entity documented policies and procedures consistent with applicable AML,
CTF & Sanctions regulations and requirements to reasonably prevent, detect and
report:

15 a Money laundering Y☐ N☐

15 b Terrorist financing Y☐ N☐

15 c Sanction violations Y☐ N☐

16 Does the Entity have procedures & policies that:

16 a Prohibit the opening and keeping of Y☐ N☐

anonymous and fictitious named accounts

next page| 4
Anti-Money Laundering Questionnaire

16 b Prohibit the opening and keeping of Y☐ N☐

accounts for unlicensed banks and / or
NBFIs

16 c Prohibit dealing with other entities Y☐ N☐

that provide banking services to
unlicensed banks

16 d Prohibit accounts / relationships with Y☐ N☐

shell banks

16 e Prohibit dealing with another Entity Y☐ N☐

that provides services to shell
banks

16 f Prohibit opening and keeping of Y☐ N☐

accounts for Section 311 designated
entities

16 g Prohibit opening and keeping of Y☐ N☐

accounts for any of unlicensed /
unregulated remittance agents,
exchanges houses, casa de cambio,
bureaux de change or money transfer
agents

16 h Assess the risks of relationships with Y☐ N☐

PEPs, including their family and close
associates

16 i Define escalation processes for financial Y☐ N☐

crime risk issues

16 j Specify how potentially suspicious Y☐ N☐

activity identified by employees is to
be escalated and investigated

16 k Outline the processes regarding Y☐ N☐

screening for sanctions, PEPs and
negative media

17 Has the Entity defined a risk tolerance Y☐ N☐

statement or similar document which
defines a risk boundary around their
business?

18 Does the Entity have a record retention Y☐ N☐

procedures that comply with applicable
laws?

18 a If Y, what is the retention period? Less than 5 years 5 years or more

☐ ☐

next page| 5
Anti-Money Laundering Questionnaire

5. KYC, CDD & EDD

19 Does the Entity verify the identity Y☐ N☐

of its customers?

20 Do the Entity's policies and procedures set Y☐ N☐

out when CDD must be completed, e.g. at
the time of onboarding or within 30 days

21 Which of the following does the Entity gather and retain when conducting CDD?
Select all that apply:

21 a Ownership structure Y☐ N☐

21 b Customer identification Y☐ N☐

21 c Expected activity Y☐ N☐

21 d Nature of business / employment Y☐ N☐

21 e Product usage Y☐ N☐

21 f Purpose and nature of the business Y☐ N☐

relationship

21 g Source of funds (invested funds) Y☐ N☐

21 h Source of wealth Y☐ N☐

22 Are each of the following identified:

22 a Ultimate beneficial owner Y☐ N☐

22 a1 Are ultimate beneficial owners verified? Y☐ N☐

22 b Authorised signatories (where applicable) Y☐ N☐

22 c Key controllers Y☐ N☐

22 d Other relevant parties

23 Does the due diligence process Y☐ N☐

result in customers receiving a risk
classification?

24 Does the Entity have a risk based approach Y☐ N☐

to screening customers and connected
parties to determine whether they are PEPs,
or controlled by PEPs?

next page| 6
Anti-Money Laundering Questionnaire

25 Does the Entity have policies, procedures Y☐ N☐

and processes to review and escalate
potential matches from screening
customers and connected parties to
determine whether they are PEPs, or
controlled by PEPs?

26 Does the Entity have a process to review and update customer information based
on:

26 a KYC renewal Y☐ N☐

26 b Trigger event Y☐ N☐

27 From the list below, which categories of customers or industries are subject to EDD
and / or are restricted, or prohibited by the Entity's FCC programme?

27 a Non-account customers Y☐ N☐

27 b Offshore customers Y☐ N☐

27 c Shell banks Y☐ N☐

27 d Money & Capital Transfer/Money Y☐ N☐

Service Clients (MVTS/MSB)

27 e PEPs Y☐ N☐

27 f PEP Related Y☐ N☐

27 g PEP Close Associate Y☐ N☐

27 h Correspondent Banks Y☐ N☐

27 h1 If enhanced due diligence or enhanced Y☐ N☐

due diligence & resticted, does the EDD
assessment contain the elements as set
out in the Wolfsberg Correspondent
Banking Principles 2014?

27 i Arms, defense, military Y☐ N☐

27 j Nuclear power Y☐ N☐

27 k Extractive industries Y☐ N☐

27 l Precious metals and stones Y☐ N☐

27 m Unregulated charities Y☐ N☐

27 n Regulated charities Y☐ N☐

next page| 7
Anti-Money Laundering Questionnaire

27 o Red light business / Adult entertainment Y☐ N☐

27 p Non-Government Organisations Y☐ N☐

27 q Virtual currencies Y☐ N☐

27 r Marijuana Y☐ N☐

27 s Embassies / Consulates Y☐ N☐

27 t Gambling Y☐ N☐

27 u Payment Service Provider Y☐ N☐

27 v Other (please specify)

28 If restricted, provide details of the restriction

6. Monitoring & Reporting

29 Does the Entity have risk based policies, Y☐ N☐

procedures and monitoring processes for
the identification and reporting of suspicious
activity?

30 What is the method used by the Entity to monitor transactions for suspicious
activities?

30 a Automated Y☐ N☐

30 b Manual Y☐ N☐

30 c Combination of automated and manual Y☐ N☐

31 Does the Entity have regulatory Y☐ N☐

requirements to report suspicious
transactions?
If Y, does the Entity have policies,
31 a
procedures and processes to comply with Y☐ N☐
suspicious transactions reporting
requirements?
32 Does the Entity have policies, procedures Y☐ N☐
and processes to review and escalate
matters arising from the monitoring of
customer transactions and activity?

next page| 8
Anti-Money Laundering Questionnaire

7. Payment transparency

33 Does the Entity adhere to the Wolfsberg Y☐ N☐

Group Payment Transparency Standards?

34 "Does the Entity have policies, procedures and processes to [reasonably] comply
with and have controls in place to ensure compliance with:

34 a FATF Recommendation 16 Y☐ N☐

34 b Local Regulations Y☐ N☐

34 b1 Specify the regulation

34 c If N, explain

8. Sanctions

35 Does the Entity have policies, procedures or Y☐ N☐

other controls reasonably designed to
prohibit and / or detect actions taken to
evade applicable sanctions prohibitions,
such as stripping, or the resubmission and /
or masking, of sanctions relevant information
in cross border transactions?

36 Does the Entity screen its customers, Y☐ N☐

including beneficial ownership information
collected by the Entity, during onboarding
and regularly thereafter against Sanctions
Lists?

37 Select the Sanctions Lists used by the Entity in its sanctions screening processes:

37 a Consolidated United Nations Security Y☐ N☐

Council Sanctions List (UN)

37 b United States Department of the Y☐ N☐

Treasury's Office of Foreign Assets
Control (OFAC)

37 c Office of Financial Sanctions Y☐ N☐

Implementation HMT (OFSI)

next page| 9
Anti-Money Laundering Questionnaire

37 d European Union Consolidated List (EU) Y☐ N☐

37 e Other (specify)

38 Does the Entity have a physical presence, Y☐ N☐

e.g., branches, subsidiaries, or
representative offices located in countries /
regions against which UN, OFAC, OFSI, EU
and G7 member countries have enacted
comprehensive jurisdiction-based
Sanctions?

9. Trainings & Continuing Education

39 The Company offers mandatory training that includes the following:

39 a Identification and reporting of Y☐ N☐

transactions to government authorities

39 b Examples of different forms of money Y☐ N☐

laundering, terrorist financing and sanctions
violations relevant for the types of products
and services offered

39 c "Internal policies for controlling money Y☐ N☐

laundering, terrorist financing and sanctions
violations"

39 d New issues that occur in the market, e.g., Y☐ N☐

significant regulatory actions or new
regulations

40 Is the above mandatory training provided to :

40 a Board and Senior Committee Management Y☐ N☐

40 b 1st Line of Defence Y☐ N☐

40 c 2nd Line of Defence Y☐ N☐

40 d 3rd Line of Defence Y☐ N☐

40 e "3rd parties to which specific FCC activities Y☐ N☐

have been outsourced"

40 f Non-employed workers Y☐ N☐
(contractors / consultants)

next page
| 10
Anti-Money Laundering Questionnaire

10. Audit

41 "In addition to inspections by the Y☐ N☐

government supervisors / regulators, does
the Entity have an internal audit function,
a testing function or other independent
third party, or both, that assesses FCC
AML, CTF and Sanctions policies and
practices on a regular basis?"

next page

| 11
Anti-Money Laundering Questionnaire

Additional information:
(Please specify the question to which the relevant information relates)

We hereby confirm that we will inform you immediately of any changes in ultimate or
fictitious beneficial ownership.

If the contact person has changed, please specify:

Surname, First name:

Position:

Email*:

Phone number:

As part of the simplification of the AML/KYC process which is required by regulation we would like to avoid an inefficient process within your company. That is why we
ask for a specific contact person. In addition, the process is to be made simpler and more efficient by digitalization, which is why an e-mail address is also mandatory.
The collected information will be processed and used exclusively in connection with the fulfillment of the regulatory purposes in the AML/KYC process.
By signing this money laundering questionnaire, the signatory assures that he/she has obtained the consent of the person/persons indicated as central contact persons in
this questionnaire and that the personal data provided here may be processed for this purpose.
*You are also welcome to register a group mailbox.

Signatory Information:
Surname, First name:

Position:

Signature:

Date:

Evaluate and print

| 12