Zephyrcart AML Policy

Last Edited: 21 May 2025

1. Purpose and Scope                                        

This policy outlines Zephyrcart’s commitment to preventing money laundering and terrorist financing activities, in compliance with the UK’s Money Laundering Regulations 2017 and relevant EU directives.

2. Governance and Responsibilities

  • Nominated Officer: Appoint a Nominated Officer responsible for AML compliance, including receiving internal reports of suspicious activities and liaising with authorities.
  • Compliance Oversight: Senior management will oversee AML measures, ensuring effective implementation and regular reviews.

3. Risk Assessment

Conduct a comprehensive risk assessment to identify and mitigate potential money laundering risks associated with:

  • Customer profiles and behaviors
  • Supplier relationships, especially with non-UK entities
  • Transaction patterns and payment methods
  • Geographical locations of customers and suppliers

4. Customer Due Diligence (CDD)

Implement CDD measures to verify customer identities and assess risks:

  • Standard CDD: Collect and verify customer information for all transactions.
  • Enhanced Due Diligence (EDD): Apply for high-risk customers or transactions, such as those involving high-value orders or customers from high-risk jurisdictions.
  • Ongoing Monitoring: Continuously monitor customer transactions for unusual or suspicious activity.

5. Supplier Due Diligence

Ensure all suppliers undergo due diligence checks to verify legitimacy and compliance with AML regulations.

6. Record Keeping

Maintain records for a minimum of five years, including:

  • Customer identification documents
  • Transaction records
  • Risk assessments and due diligence reports
  • Training records

7. Reporting Suspicious Activities

Employees must report any suspicious activities to the Nominated Officer, who will assess and, if necessary, file a Suspicious Activity Report (SAR) with the National Crime Agency (NCA).

8. Training and Awareness

Provide regular AML training to all relevant employees to ensure awareness of AML obligations and procedures.

9. Compliance with EU Business Practices

Align business operations with EU regulations, including:

  • Consumer Rights: Adhere to the Consumer Rights Directive, offering a 14-day return policy and clear information on goods and services.
  • Data Protection: Comply with the General Data Protection Regulation (GDPR) by safeguarding customer data and ensuring privacy rights.
  • VAT Compliance: Register for VAT if annual taxable turnover exceeds the UK threshold of £90,000, and adhere to the EU-wide delivery threshold of €10,000 for cross-border sales.

10. Policy Review

Review and update this AML policy annually or in response to significant changes in regulations or business operations.