TERMS OF USE

The rules for working with the http://innovationgroup.online website (hereinafter referred to as the Rules) are the equivalent of an oral agreement. At the time the client uses any service offered by the service (hereinafter referred to as the Service), the Client is considered to have read and agreed with the Rules.
In the Rules, terms and concepts are used in the following meanings:The virtual asset operator represents a transfer of digital assets for a certain amount of property rights in the amount of the established equivalent between the Client and the Contractor.The performer is the administration of the Service.
Client – Service User who has joined this agreement. Joining the agreement is the immediate start of operations on the Service.
Application – a set of data received from the Client using the software and hardware of the Service, containing sufficient information about the purchase/sale of virtual assets.
Verification – provision of a set of documents to establish the client’s identity.
1. General terms and conditions
The subject of the Rules is the provision by the Service of services for the purchase/sale of virtual assets to the User.
Application – a set of data received from the Site User using the Site’s software and hardware, containing sufficient information about the purchase/sale of virtual assets.
The User is understood as a visitor to the Site who wishes to use the Service, or who has submitted an Application for the purchase/sale of virtual assets.
Contractor - the administration of the Site, through which the User is provided with the service of buying/selling virtual assets.
Applications for transactions are accepted exclusively using the Site and are recorded programmatically by the technical means of the Site.
The purchase/sale of virtual assets means the transfer of virtual assets, in the amount of the established equivalent, between the User and the Contractor.
The operation for the sale of virtual assets should be understood as the transfer of the right to claim property rights in the amount of the established equivalent to the Client of the service from the Contractor, expressed in conventional accounting units of a digital asset, which the Client compensates by means of a non-cash transfer of funds to the Contractor’s account.
2. Order processing
The User places an Order through the Site. The time and data of the Order are automatically recorded by the software and hardware of the Site.
When placing an Order, the User undertakes to indicate in the Application reliable data about his identifier in the virtual asset system; If this requirement is not met, the Order may be closed by the Contractor unilaterally.

PRIVACY POLICY

The administration of the site http://innovationgroup.online is committed to maintaining your privacy on the Internet. We attach great importance to the protection of the data you provide. Our privacy policy is based on the requirements of the European Union General Data Protection Regulation (GDPR). The purposes for which we collect personal data: improving the operation of our service, contacting visitors to this site, sending email newsletters, processing user data for online trading services, providing information requested by the user, providing services related to the line of business this site, as well as for the actions indicated below.
Collection and use of personal dataWe collect and use your personal data only with your voluntary consent. By agreeing to this, you authorize us to collect and use the following data: first and last name, date of birth, email, phone number, home address, bank card data, electronic wallet identifiers, social network account data, identity documents. The collection and processing of your data is carried out in accordance with the laws in force in the European Union.
Data storage, modification and deletionThe user who provided his personal data to the site http://innovationgroup.online has the right to change and delete it, as well as to withdraw his consent to its use. The period for which your personal data will be stored: the time necessary to use the data for the main activities of the site. When you finish using your data, the site administration deletes it. To access your personal data, you can contact the site administration at the following address: http://innovationgroup.online. We can transfer your personal data to a third party only with your voluntary consent; if it has been transferred, then we cannot change the data in other organizations not related to us.
Use of technical data when visiting the siteWhen you visit the site http://innovationgroup.online, records are stored in the database about your IP address, time of visit, browser settings, operating system, as well as other technical information necessary for the correct display of the site’s content. Using this data, it is impossible for us to identify the visitor's identity.
Providing information by childrenIf you are a parent or guardian and you are aware that your children have provided us with personal information without your consent, please contact us: http://innovationgroup.online contacts. It is prohibited to leave personal data of minors on our service without the consent of parents or guardians.
Use of cookiesTo display the content correctly and for ease of use of the http://innovationgroup.online website, we use cookies. These are small files that are stored on your device. They help the site remember information about you, such as what language you are viewing the site in and what pages you have already opened, this information will be useful the next time you visit. Cookies make browsing the site much more convenient. You can read more about these files here. You can configure your browser to accept or block cookies yourself. Failure to accept cookies may limit the functionality of the site.
Use of personal data by other servicesThis site uses third-party Internet services that collect information independently of us: Google Analytics, Google AdSense. The data they collect may be shared with other services within those organizations, which may use the data to personalize advertising for their own advertising network. You can read the user agreements of these organizations on their websites. We do not share personal information with other organizations or services not listed in this privacy policy. The only exception is the transfer of information under the legal requirements of government bodies authorized to carry out these actions.
Links to other sitesOur website http://innovationgroup.online may contain links to other websites that are not operated by us. We are not responsible for their content. We encourage you to read the privacy policy of each website you visit, if it has one.
Changes to the privacy policyOur website http://innovationgroup.online may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page. We monitor changes in legislation relating to personal data in the European Union. If you have left personal data with us, we will notify you of changes to the privacy policy. If your personal data was entered incorrectly, we will not be able to contact you.
Feedback, final provisionsYou can contact the administration of the site http://innovationgroup.online on issues related to the privacy policy at: http://innovationgroup.online, using the contact form specified in the corresponding section of this site. If you do not agree with this privacy policy, you cannot use the services of the http://innovationgroup.online website, in which case you should refrain from visiting our website.

AML & KYC POLICY

I. DefinitionsI.1. Introduction§ 1. Meaning of the document(1) Within the scope of its business activities, the company Innovation Service Group Ltd. provides services that may be abused by a customer for legalization of revenues from criminal activities or for terrorism financing.(2) So, as it is possible to efficiently reduce, aggravate or eliminate such illegal activities in full, the valid legal regulations of the Czech Republic impose fulfilment of many obligations on the company Innovation Service Group Ltd. For that purpose, the company Innovation Service Group Ltd. issues this binding document – the System of Internal regulations, Procedures and Control Measures, transposing the obligatory obligations into the environment of services provided by the company.(3) In a simplified way: legalization of revenues from criminal activities (in laic terms: „money laundering“) means an activity when a customer uses the services of the company Innovation Service Group Ltd. for covering illegal origin of his property or to make its back tracking difficult. So as to legalize the revenues from criminal activities, the offenders use similar methods like for terrorism financing and that is why abatement of the two illegal activities was joined and it is performed simultaneously, using nearly identical methods. Similar rules as those applied in Innovation Service Group Ltd. are binding for similar types of business in the Czech Republic as well as in other countries, because money laundering and terrorism financing is nearly always performed on international level.(4) More, the company Innovation Service Group Ltd. must also apply sanction measures (similarly to anyone else) applied by the Czech Republic in relation to quite a wide group of natural persons and legal entities. That means permanent checks whether a customer is subject to international sanctions or not, respectively fulfilment of other procedures as described here below.(5) In practice, it is highly probable that non-fulfilment of procedures as per this document will cause a breach or omission of statutory obligations with all and any consequences.I.2. General Terms§ 2. AML Act(1) For the purposes of this document, the AML act means Act No. 253/2008 Coll. on some measures against legalization of revenues from criminal activities and terrorism financing, as amended.§ 3. Legalization of revenues from criminal activities(1) According to the AML act, legalization of revenues from criminal activities means activities that are to cover illegal origin of any economic benefit emerging from criminal activities with the aim of establishing an appearance that the property benefits were obtained in compliance with law; the above stated activities include for example:(a) change or transfer of property while knowing that it originates from criminal activities for the purpose of its secrecy or hiding its origin or with the purpose of helping a person participating in such illegal activities to avoid legal consequences of his behaviour,(b) keeping secret or hiding the real character, source, movement of property or its handling or change of rights related to property while knowing that it originates from criminal activities,(c) obtaining, keeping, using the property or its handling while knowing that it originates from criminal activities, or(d) criminal conspiracy of persons or any other form of unification with the purpose of activities specified in previous points.§ 4. Terrorism Financing(1) According to the AML act, terrorism financing includes:(a) collection or provision of financial means or other property while knowing that it will be used – even partially – for committing a crime of terror, terrorist attack or a criminal act that should allow or assist in committing of such a criminal act or that should support a person or a group of persons preparing for committing such a criminal act, or(b) behaviour leading to provision of remuneration or compensation of an offender of a criminal act of terror, terrorist attack or a criminal act that should allow or help in such a criminal act commitment, or persons close to the offender according to penal law, or collection of means for such a remuneration or compensation.(2) Terrorism financing also means financing of mass destruction weapons distribution, i.e., collection or provision of financial means or any other property while knowing that it will be used – even partially – by the distributor of mass destruction weapons or for such weapons distribution in contradiction with international law requirements.§ 5. Obliged person(1) According to the AML Act, an obliged person means the company Innovation Service Group Ltd., with its registered seat in st. Chudenicka 1059/30, Hostivar, 102 00 Prague 10, Czech Republic, company ID: 17743281 for activities of providing of services related to a Virtual assets.§ 6. Customer(1) For the purposes of this document, a customer means any natural person or legal entity:(a) which the company Innovation Service Group Ltd. established business relation with, or(b) which started negotiations with Innovation Service Group Ltd. on business relation establishment (i.e., it showed interest in a business relation establishment), or(c) which the company Innovation Service Group Ltd. already finished business relations with(d) which becomes a virtual assets service user of the company Innovation Service Group Ltd.(e) a person being an agent of services of another customer (e.g., it is entitled – on the basis of a power of attorney that the company must keep – to issue Virtual assets).(2) It is not decisive whether it is a natural person or a legal entity carrying business or not. In case of a legal entity, it is supposed that one concrete natural person always acts on behalf of it (e.g., a member of the statutory authority, an employee, etc.).§ 7. Virtual Assets Service(1) For the purpose of this document, the virtual assets service means any handling of customer’s property or provision of a service to a customer as mentioned in §4(8) of AML Act, and contain next services:(a) Virtual assets wallet service:(i) means a service in the framework of which keys are generated for customers or customers’ encrypted keys are kept, which can be used for the purpose of keeping, storing and transferring virtual assets;(b) Virtual assets exchange service(i) means a service with the help of which a person exchanges virtual assets against a fiat currency or a fiat currency against virtual assets or virtual assets against another virtual assets;(c) which is not contained in previous point, but it is directly connected with such an activity.According to §4(9) of AML Act, virtual asset means an electronically storable or transferable unit that is:capable of performing a payment, exchange or investment function, whether or not it has an issuer, unless it isa security, an investment instrument, or a monetary instrument under the Act on Payments,an entity referred to in Section 3(3)(c)(4) to (7) of the Act on Payments, ora unit by which a payment is made pursuant to Section 3(3)(e) of the Act on Payments, ora unit referred to in point (a)(ii) and which can ultimately be used to pay only for a narrowly defined range of goods or services which includes an electronically storable or transferable unit referred to in point (a).(2) A virtual assets service also means any service provided without appropriate authorization, registration or license, even though it would be in contradiction with law.§ 8. Business relation(1) A business relation means a contractual relation by and between the customer and the company Innovation Service Group Ltd., based on which the customer is provided with virtual assets service. A business relation is usually established on the basis of a frame contract on provision of virtual assets service. The company Innovation Service Group Ltd. provides virtual assets service on the basis of business relations only, not on the basis of an agreement on a lump-sum payment transaction.§ 9. Customer’s instruction(1) Customer’s instruction means any instruction issued by the customer or by a person authorized to act in this matter on customer’s account, requiring for the company Innovation Service Group Ltd. to provide a virtual assets service or to make another act within the scope of the virtual assets service provided, e.g., a Virtual asset order.(2) It is not important in which way was the customer’s instruction handed over to Innovation Service Group Ltd. (electronically, by phone, personally or in any other way). It is also not important whether the customer’s instruction was accepted or not.§ 10. Staff setting(1) The obligations set out in this document apply to certain groups of employees - in particular the employees, the AML officer and the responsible person. They also apply to any person who may encounter a suspicious transaction (Chapters IV1. – IV.3) or perform any of the activities described in this document, as well as other persons. All of these people may potentially encounter trade suspected of attempting ML-FT.(2) It is irrelevant whether it is a direct employee or a work performed on the basis of another relationship or without any relationship (even as a free aid).(3) Unless the company Innovation Service Group Ltd. is capable of ensuring the full and error-free performance of its obligations under this document and the Risk Assessment, it must reduce or even suspend virtual assets service activity until such a defect ceases, unless this is in conflict with the obligations under the legal regulations. This is the case, for example, in the event of a sudden failure of employees and replacement by temporary under-experienced assistance. Thus, ML-FT prevention activities must at all times be adequately staffed (both qualitatively and quantitatively). Responsibility for meeting this obligation lies with the responsible person.(4) Furthermore, the responsible person is responsible for selecting the persons who are bound by this document. The responsible person shall always verify that the employee is able to fulfil the obligations laid down in this document before recruiting a new employee for the position concerned by this document or before transferring an existing employee to that position. These abilities / skills include:(a) sufficient language skills of the employee to handle communication with a typical customer(b) sufficient employee awareness of the management and ownership structures of the customer, which is a legal entity, so that he / she can perform his / her duties perfectly for this type of customer(c) sufficient computer skills and software that is used to enable the employee to make full use of these resources to fulfil their duties(d) sufficient and professional ways and integrity in dealing with the customer to be able to correctly communicate the requirements for identification and possible control of the customer (to explain to the customer the reasons for the requested information and insist on it, not to be “persuaded” by the customer)(e) sufficient knowledge of all procedures set out in this document and the Employee Risk Assessment achieved by the training under Chapter V.3, which must be carried out no later than the first act mentioned in this document or the Risk Assessment.§ 11. Employee(1) For the purposes of this document, an employee means any person who is – in the course of fulfilment of its work tasks – in the name of the company Innovation Service Group Ltd. :(a) authorized to negotiate regarding establishment of a business relation with a potential customer, or(b) authorized to establish business relation with a customer, or(c) negotiates with the customer on provision of virtual assets service or receives customer’s instructions, or(d) performs individual acts in provision of virtual assets service to a customer (even partial ones), or(e) participates in any way in negotiations with a customer or in activities connected with provision of virtual assets service.(2) An employee is a direct employee as well as a person performing such activities on the basis of another relation than the employment contract, including a negotiator.(3) An employee is also a person who is not an employee at the present moment, but he/she was authorised (even though just temporarily) to perform an activity, the realisation of which is set to an employee by this document.§ 12. Personal related to the Customer(1) For the purposes of this document, persons related to customers mean all and any of the following persons (natural persons or legal entities):(a) statutory authority of the customer or a member of it(b) beneficial owner or controlling person of the customer(c) a person authorised to negotiate with the company Innovation Service Group Ltd. on behalf of the customer(d) a person authorised by the customer to make business (to enter virtual asset orders).§ 13. AML officer(1) A person identified in this document as an AML officer means a person authorised to arrange compliance of business activities of the company Innovation Service Group Ltd. with legal regulations in the field of avoidance of proceeds from criminal activities, terrorism financing and application of international sanctions. It concerns mainly arrangement of compliance with the following regulations:(a) AML Act(b) Act No. 69/2006 Coll. on realisation of international sanctions(c) Regulation No. 67/2018 Coll. on selected requirements towards system of internal regulations, procedures and control measures against legalization of proceeds from crime and financing of terrorism(d) approved AML standards communicated by the Czech National Bank.(2) Generally, it is supposed that the AML officer is a person directly governing an employee, authorized to establish business relation or negotiations in the matter of virtual assets service provision.(3) The person appointed in the company Innovation Service Group Ltd. and authorised to execute the position of an AML officer is specified in Annex No. 2.§ 14. Responsible person(1) The responsible person of the obliged person means – for the purposes of this document – any member of the statutory authority of the obliged person.§ 15. Virtual assets service value(1) For the purposes of this document the virtual assets service value value means the general value of property being a subject of the virtual assets service. It is the value of the property as made available by the customer to the company Innovation Service Group Ltd. for the purpose of the virtual assets service provision respectively the value that is to be transferred, exchanged or otherwise used. In case of mutually related virtual assets service, the virtual assets service value is the sum of the services.§ 16. Conversion of sums(1) For the purposes of this document, the sum which is set in Euro (EUR) means an equal value in any currency converted based on the exchange rate announced by the Czech National Bank and valid for the day. If the exchange rate is not available that day yet, the exchange rate for the previous day applies. For current Exchange rates list of the Czech National Bank see https://www.cnb.cz/cs/financni-trhy/devizovy-trh/kurzy-devizoveho-trhu/kurzy-devizoveho-trhu/.§ 17. Binding force for third persons(1) The procedures set forth in this document are also binding on persons acting in the performance of virtual assets service or in establishing business relationships on behalf of or for the account of the company Innovation Service Group Ltd. mainly for authorized representatives (hereinafter referred to as “representative”). The responsible person shall ensure that the representative accepts and / or fully integrates these procedures into his / her own internal procedures. The responsible person shall also ensure compliance with the obligations set out in this document in the representative's environment.I.3. Definition of a Politically Exposed Person§ 18. Politically Exposed Person – definition(1) According to the AML Act, a Politically Exposed Person („PEP“) means a natural person who is or was in an important public function with regional, national or even higher importance, for example:(a) chief representative of municipal authorities – major of a town or village, chief magistrate, region commissioner,(b) chief representative of municipal authorities for a foreign country with federative organization – chief representative of country authorities, members of country government and parliament, etc.,(c) head of state, prime minister, head of central authority of state administration (e.g., a minister) and his/her representative (deputy minister or secretary of state),(d) member of the Parliament, member of the control authority of a political party,(e) judge of the supreme court, constitution court or another supreme judicial authority,(f) member of the banking council of a central bank,(g) high officer of armed forces,(h) member of the statutory authority or representative of a member (in case of a legal person to be a member of the statutory authority) of a business corporation controlled by state,(i) ambassador or head of a diplomatic mission,(j) or a natural person performing or having performed any similar function in another country, EU authority or in an international organization.(2) A PEP is also considered to be a person close to the above stated person, mainly:(a) relatives in direct line – parents, grandparents, etc., children, grandchildren, grand grandchildren, etc.(b) siblings, wife, husband, partner(c) relatives of wife, husband, partner – son in law, daughter in law, father in law, mother in law(d) a person who lives with him/her on permanent basis(e) a person in family relation or similar relation to him/her, in case of any detriment suffered by one person to be justifiably considered as own detriment by the other person.(3) A PEP is also considered to be a person from the "business surroundings", being(a) a partner or beneficial owner of the same legal entity or trust fund as the person in the first paragraph,(b) known by the obligated person to be in close business relation with the person as per the first paragraph; that means material inter-relations within the scope of business activities, when the success or detriment of one person could be justifiably considered to be own benefit or detriment by the other person,(c) a beneficial owner of a legal entity or trust fund, which is the obligated person aware of the fact that they were developed in favor of the person specified in the first paragraph.I.4. Definition of a Beneficial Owner§ 19. Beneficial owner of a legal entity(1) A beneficial owner is always related to a legal entity only. According to the AML Act, a beneficial owner means a natural person with factual or legal possibility of direct or indirect application of decisive influence in a legal entity, in a fiduciary fund or in any other legal organisation without legal personality. It is supposed that in case of fulfilment of conditions contained in previous sentence, the following person is a beneficial owner:(a) In case of a business corporation (usually a limited liability company, a joint stock company, etc.), the beneficial owner is a natural person who:(i) independently or together with persons acting in compliance manages more than 25 % of voting rights of the business corporation or has a share in basic capital above 25 %, or(ii) independently or together with persons acting in compliance controls the person specified in previous point, or(iii) is a recipient of at least 25 % of profits of the business corporation, or(iv) is a member of the statutory authority, representative of a legal person in the authority or in the position similar to the position of a statutory authority member, if he is not a beneficial owner or if it is not possible to set him according to previous points.(b) In case of an association, a non-profit organization, association of unit owners, church, religious association or any other legal entity according to the act dealing with position of churches and religious associations, the beneficial owner is a natural person:(i) who manages more than 25 % of its voting rights, or(ii) who is recipient of at least 25 % of the means distributed by it, or(iii) who is a member of the statutory authority, representative of a legal person in the authority or in the position similar to the position of a statutory authority member, if he is not a beneficial owner or if it is not possible to set him according to previous points.(c) In case of foundation, institution, endowment fund, trust fund or any other legal organization without legal personality a natural person or a beneficial owner of a legal entity, the beneficial owner is a person being in position of:(i) a founder, and then(ii) trustee, and then(iii) beneficiary, and then(iv) a person, in the interest of whom there was established or works the foundation, institution, endowment fund, trust fund or any other legal organization without legal personality, unless the fiduciary is appointed, and then(v) persons entitled to perform supervision over the administration of the foundation, institution, endowment fund, trust fund or any other legal organization without legal personality.I.5. Definition of a Controlling Person§ 20. Controlling person(1) According to Section 74 et conseq. Act No. 90/2012 Coll., on Commercial Companies and Cooperatives (Business Corporations Act), a controlling person means a natural person or legal entity who may directly or indirectly apply decisive influence in a business corporation. The indirect corporation means the influence executed through another person or other persons.(2) The controlling person(s) is/are:(a) always a person who is a majority owner, unless specified otherwise in the points below, and then(b) always a person who is a controlling person of the concern (Section 79 Act No. 90/2012 Coll.), and then(c) a person who may appoint or remove most of the persons being members of the statutory authorities of the business corporation or persons in similar position or members of a control authority of the business corporation, which he/she is a partner of, or he/she may push such an appointment, or(d) the person who manages the share in voting rights representing at least 40 % of all the votes in the business corporation, unless the same or higher share is managed by another person or persons, acting in conformity, or(e) persons acting in conformity, who jointly manage a share in voting rights representing at least 40 % of all the votes in the business corporation unless the same or higher share is managed by another person or persons, acting in conformity, or(f) a person who independently or together with other persons, acting in conformity, obtains a share in voting rights representing at least 30 % of all the votes in the business corporation and the share represented more than one half of voting rights of present persons during 3 recent consequent meetings of the supreme authority of the person.(3) For better understanding of conditions under which a natural person or a legal entity may be considered a controlling person, we recommend studying of relevant stipulations of the Act on business companies and co-operatives (Business Corporations Act). II. Business relation establishmentII.1. Procedure before business relation establishment§ 21. Procedure before business relation establishment(1) In case of a customer to show his interest in establishment of business relations with the company Innovation Service Group Ltd. , there must always be performed the following procedure. The employee authorized to negotiate the business relation establishment with the customer:(a) establishes a file (as a physical and virtual space) to keep all and any information and documents according to the system of internal rules related to the business relation or customer (unless it has been established earlier), and(b) according to Chapter II.2 he performed the initial identification of the customer (unless it has been performed earlier) – applying the procedure dependent on whether the customer is a natural person or a legal entity, and(c) according to Chapter II.5 performs the first check of the customer(d) according to Chapter II.6 sets up the risk profile of the customer based on risk assessment(e) provides this information to the AML officer, who will assess it and decide whether or not the business relationship will be established; The AML officer shall take into account, in particular, the obligations under Chapter II.8 and the customer's risk profile, in particular if it is of type B, C, D or even E.(2) Only after full performance of the above stated procedure (and depending on its results) an employee may be entitled to act on behalf of the company Innovation Service Group Ltd. so as to establish a business relation and Innovation Service Group Ltd. may start provision of services within the frame of the business relation.(3) If it is proved that the customer is a PEP, the establishment of the business relation must be approved by the statutory authority of the company Innovation Service Group Ltd. (including the case when the customer is a legal entity, towards which obligations are applied as well as towards the PEP).§ 22. Persons authorised to act on customer’s behalf in the matter of business relation establishment(1) Only a customer is entitled to act in the matter of a business relation establishment (i.e., the customer himself or his statutory authority or member of the statutory authority) or a person authorised by the customer to do so, customer’s statutory representative or guardian.(2) The authorization is proved by a power of attorney with legalised signature of the donor or by its legalised copy, containing identification data of the donor of power and the deputy and also the extent in which the deputy may act on behalf of the donor of the power. Original copies of the power of attorney or its legalised copy must be maintained. For detailed information on data recording and keeping see Chapter V.5.(3) Statutory representation is proved by a deed indicating it – for example a certificate of birth of a child, represented by a parent. In case of a different statutory representative or guardian the right to represent a customer is proved by a court resolution. The company does not have to keep such documents – in case of a court resolution it must only record the file number.§ 23. Customer’s obligation to provide co-operation(1) The customer is obliged to submit in full extent to the initial identification and provide information necessary for performance of all and any other acts mentioned in this chapter and to prove them with necessary documents (if required).§ 24. Check of information in case of any doubts(1) Whenever doubts arise as to the information or data (obtained as part of customer identification or control), the employee shall verify this information without undue delay. This is done by verifying the information either from publicly available sources or by contacting the customer to provide him with appropriate explanations and possibly documents.§ 25. Assessment of customer’s behaviour(1) In the course of fulfilment of procedures set in this chapter as well as in the course of any other negotiations with the customer, the employee makes permanent assessment on whether the customer’s behaviour does not indicate features of a suspect business. The employee performs such an assessment in compliance with Chapter IV.1.§ 26. When the customer conceals acting on behalf of a third person(1) In case of an employee to suspect for the customer not to act on his own behalf while negotiating on business relation establishment (i.e., that the purpose of the business relation is to provide services to a different person but the customer) or that he conceals that he acts on behalf of a third person, the employee refuses to establish the business relation.§ 27. Simplified identification and check of the customer(1) The AML act sets a group of persons generally considered to be of a low risk due to supervision executed over them. In relation to such persons, the company Innovation Service Group Ltd. does not have to perform identification and checks using the procedures specified in Chapters II.2 and II.5.(2) It concerns the following persons:(a) Clients without the national risk factors, and(b) Clients who are not showing the factors for EDD.(3) National risk factors are as following(a) Client risk factors:(i) The business relationship is conducted under unusual circumstances,(ii) the client is located in a geographic area of heightened risk as set out in point 3,(iii) the legal entity or trust is a personal asset holding vehicle,(iv) the client is a business corporation in which there may be authorized shareholders or partners or which issues shares in bearer form,(v) the client uses cash extensively in its business activities,(vi) the ownership structure of the client appears unusual or overly complex given the nature of its business,(vii) the client is a beneficiary of a life insurance policy,(viii) the client's business involves increased risk.(b) Factors relating to products, services, transactions or distribution channels:(i) use of private banking services,(ii) the use of products or transactions that could facilitate anonymity,(iii) business relationships or transactions without the personal presence of the customer or the natural person acting on his behalf and without certain security measures such as electronic signatures,(iv) incoming payments from unknown or unrelated third parties; or(v) new products and new business practices, including new distribution systems, and the use of new or emerging technologies for new or existing products.(c) Geographic risk factors:(i) Countries that have been identified by European Union authorities or international institutions dealing with measures against money laundering, terrorist financing or proliferation of weapons of mass destruction as lacking effective systems to combat money laundering and terrorist financing or engaging in illicit proliferation of weapons of mass destruction,(ii) countries that have been identified by credible sources as having significant levels of corruption or other criminal activity,(iii) countries subject to sanctions, embargoes or similar restrictive measures imposed, for example, by the European Union or the United Nations; or(iv) countries that provide funding or support for terrorist activities or in which identified terrorist organisations operate.(4) In case that the employee supposed that the customer belongs to the list of such persons, it is necessary for him to apply the following procedure:(a) he clearly verifies whether the client fulfills the criteria;(b) on the basis of information having available, the employee makes an assessment whether the customer or the intended business relation does not represent an elevated risk of abuse for legalisation of proceeds from crimes or financing of terrorism; in the course of assessment, the employee uses all the information that the company has available and it is also allowed for him to arrange other supporting or missing information by himself; in case of any doubts it is not possible to use simplified identification and control;(c) the employee makes an assessment whether – based on information available to Innovation Service Group Ltd. - the customer does not fall within a risk group based on risk assessment (i.e., he was assigned the risk profile of B, C, D or E type); if so, it is not possible to use simplified identification and control;(d) the employee finds out whether the customer is a PEP or not; if the customer is a PEP there will not be used the procedure of simplified identification and control;(e) the employee establishes and records in a suitable way the identification data of the customer; it is not necessary to check the customer and set up the risk profile.(5) It is necessary to write a record about the whole checking procedure, clearly indicating also who, when and on the basis of what performed the checks. The record is maintained and kept as a part of documentation related to the customer or to the business relation.(6) Moreover, in the course of the business relation duration, the employee must periodically check whether there persist all the conditions for use of simplified verification and check of the customer. In case of any of the conditions to be broken, the customer is considered to be not allowed to be applied the simplified identification and check of customer and the procedures must be immediately performed before provision of any other services to the customer.(7) Application of the procedure of simplified identification and control / check does not affect other obligations set in this document, mainly the obligation of assessment whether the service provided to the customer does not indicate features of a suspect trade according to Chapter IV.1 List of features and suspect trades and their assessment.(8) The document Risk Assessment may set for individual types of customers, services and methods of their use that it is prohibited to apply the exception from identification and control. The employee must respect such a limitation.§ 28. Enhanced identification and check of the customer(1) The AML act sets a group of factors that can mean a high risk of a client. In relation to such persons, the company Innovation Service Group Ltd. has to perform stronger identification and checks.(2) Enhanced identification and check should happen in the following cases:(a) During establishment and during the course of a business relationship with a person established in a high-risk third country (as per FATF and EU lists that can be found in the Annex 5),(b) prior to the execution of a transaction relating to a high-risk third country (as per FATF and EU lists that can be found in the Annex 5),(c) prior to or when entering into a business relationship with a politically exposed person.(3) In enhanced identification and control, Innovation Service Group Ltd. shall, to the extent necessary to effectively manage the identified risk, go beyond the measures applied in client identification and control:(a) obtain additional documents or information about:(i) the beneficial owner,(ii) the intended nature of the business relationship and(iii) the source of the client's and beneficial owner's funds and other assets,(b) verify the documents or information obtained from multiple credible sources,(c) regularly and intensively monitor the business relationship and the transactions within the business relationship,(d) obtain the consent of a member of its statutory body or the person authorised by it to manage the measures against money laundering and terrorist financing to enter into or continue the business relationship,(e) requires the first payment under the business relationship or a trade outside the business relationship to be made from an account held in the name of the client with a credit institution or a foreign credit institution which is subject to customer identification and control requirements at least equivalent to those of European Union law, or(f) implement other measures taking into account the nature of the obliged person, its activities and its own risk assessment.II.2. Procedure for the Initial Identification of a Customer§ 29. Initial identification procedure(1) The initial customer identification means the procedure, when the identity card (as specified here below) is used for check and recording of identification and other data of the customer (for specification see below).(2) The initial identification of a customer is performed by one of the following ways:(a) so called „face to face“ – a personal meeting with the customer or with a person representing him/her(b) so called „remote“ – the customer sends the documents and the customer is checked by the first payment without necessity of a personal meeting with the customer.(c) so called “technical” – the customer sends the documents and is checked by video verification.(3) More, the initial identification of a customer always includes:(a) establishment whether the customer is a PEP or not using the procedure according to Chapter II.3 and also(b) establishment whether the Czech Republic applies international sanctions towards the customer according to Chapter II.4.(4) In case of the customer’s initial identification to be performed just earlier, it is not necessary to repeat the process. But it is necessary to check thoroughly whether all and any registered identification data are current and whether the company has all the documents that are to be obtained during the identification (for example the power of attorney) and it is also necessary to check whether the Czech Republic does not apply international sanctions towards the customer.§ 30. Identification of a natural person „face to face“(1) The „face to face“ identification is performed in physical presence of the customer or a person that represents the customer in the course of the business relation establishment (in case of a customer – a legal entity). On the basis of the identity card presented, the employee checks „face to face“ the compliance of customer’s appearance (or the person representing the customer) with the image in the identity card and more, he/she checks and records identification data from the identity card.(2) More, in case of a legal entity to be the customer, it is also necessary to perform identification of the legal entity and to find out whether the „face to face“ identified natural person is entitled to act on behalf of the customer, respectively let him/her prove it by a power of attorney.§ 31. „Remote“ identification of a customer(1) An employee may perform identification even without physical presence of the customer who is a natural person or a natural person acting on behalf of the customer when establishing the business relation in case of the customer to be a legal entity (i.e.,, without presence of the person signing the contract). The procedure replaces identification of only the specific acting natural person and that is why it is necessary to make other steps in identification as usual (to establish PEP, to check sanctions, respectively to identify a legal entity, to check the right to act on behalf of the customer, etc.).(2) If it is not possible to apply the complete procedure as specified here above or there are any doubts regarding real identity of the customer, the employee will not use the identification procedure and he will use some other method.(3) The identified natural person will send (by e-mail or by post) to the company Innovation Service Group Ltd. a copy or a scan or photo of two different types of IDs (belonging to the identified person; he follows the list of accepted identity cards), while:(a) if it is an ID of the identification card type, the customer sends copies, scans or photos of the front and rear side of the card;(b) if it is an ID of a plate type (i.e.,, a „booklet“), the customer will send a copy, scan or a photo of the identification spread respectively also of the page with require data (for example address of stay inside of the residence permit);(c) the customer may hide the data that are not require for the identification performance (e.g., wife’s name, etc.);(d) both of the IDs must clearly indicate not only the identification data, but also the type and number of the identity card, country and possibly the authority issuing it and the term of validity;(e) the copy and the scan may be black-and-white, but there must not emerge any doubts regarding genuineness of the identity cards or the person’s identity.(4) More, the customer will send to the company Innovation Service Group Ltd. a proof, confirming existence of an account kept at the customer’s name in a bank or in a savings and loan co-operative or in a foreign bank or in a savings and loan co-operative operating in the territory of a member state of the European Economic Area, while:(a) there is accepted a copy, scan, PDF file or a photograph containing the agreement on account keeping or customer’s account statement (that also means a common account of a married couple in case of the customer being a natural person)(b) we do not accept images from Internet banking (so called „Print Screens“)(c) the customer may hide the data that we do not require, but it must be always seen that the account is kept to customer’s name (i.e., in case of a legal person not to the name of the acting natural person, but beneficiary person in the name of the legal entity).(5) More, there must be arranged that the first payment from the contract concluded will be performed through the customer’s account from the previous point:(a) the first payment means a payment from the customer of the company Innovation Service Group Ltd.; in such a case the sum of the payment is not significant(b) a payment to the account is not supposed to be a cash deposit to the account or payment by a postal order(c) the employee is obliged to supervise for the first payment to be done in compliance with the condition; if it is not done so or if the payment is not successfully performed (e.g., it returns back), it is necessary to immediately terminate services provision and perform the identification in a different way.(6) Except for the above stated conditions, the employee will assess – based on information available to Innovation Service Group Ltd. whether the customer, product or concrete business relation does not represent an elevated risk of abuse for legalization of proceeds from crimes or terrorism financing – otherwise he will not use this way of identification. He will also use risk assessment.§ 32. „Technical“ identification of a customer(1) An employee may perform identification even without physical presence of the customer who is a natural person or a natural person acting on behalf of the customer when establishing the business relation in case of the customer to be a legal entity (i.e., without presence of the person signing the contract). The procedure replaces identification of only the specific acting natural person and that is why it is necessary to make other steps in identification as usual (to establish PEP, to check sanctions, respectively to identify a legal entity, to check the right to act on behalf of the customer, etc.).(2) If it is not possible to apply the complete procedure as specified here above or there are any doubts regarding real identity of the customer, the employee will not use the identification procedure and he will use some other method.(3) The identified natural person must use the following:(a) a document according to the §33 is used for identification of a person and verification of data with the help of information technology means;(b) an information technology tool with a working camera, microphone and necessary hardware and software for digital identification, as well as internet connection with adequate speed.(4) Tools provided for in section 3 (b) must meet the technical specifications, standards and procedures for a high level of assurance laid down by a directly applicable regulation of the European Union governing minimum technical specifications, standards and procedures for levels of assurance for electronic identification devices and which is issued and used within a qualified system under the Electronic Identification Act.(5) The client sends the KYC questionnaire and any other required papers to the Innovation Service Group Ltd.(6) A third-party firm that provides video identification of clients can be used by the Innovation Service Group Ltd.§ 33. Accepted identity cards (certificates of identity)(1) The employee of Innovation Service Group Ltd. will accept for identification purposes mainly the following type of identity cards (certificates of identity):(a) passport issued by any country(b) identity card issued by a member state of the European Union and Iceland, Norway, Switzerland and Liechtenstein;(c) driving license issued by a member state of the European Union and Iceland, Norway, Switzerland and Liechtenstein;(d) residence permit proof issued by a member state of the European Union and Iceland, Norway, Switzerland and Liechtenstein.(2) In addition to the types of identity cards listed here, an employee may also use another identity card issued by a public authority for identification, is valid at the moment of identification, includes images and at least some of the authorized holder's identification data.§ 34. Features of an identity card not suitable for identification(1) In case that the customer presents an identity card that shows any of the below stated features, the employee will refuse to make the identification on its basis and he will ask the customer for a different identity card:(a) identity card not showing any marks of credibility (mainly in case of identity cards issued abroad)(b) identity card, which the employee does not believe to be issued by a public administration authority (mainly in case of identity cards issued abroad)(c) identity card after its validity term expiration (if specified)(d) identity card which is excessively damaged (i.e., unreadable, overwritten, glued, without pages to be fixed, with missing pages or additionally glued)(e) identity card without photograph or with a photograph that was adjusted or changed or that cannot be used for sufficient check of compliance of the photograph and the customer’s appearance(f) identity card in which the appearance on the photograph does not correspond with the customer’s appearance(g) identity card from which it is not possible to clearly set the authority and the state of the card issue(h) identity card which is just a black-and-white or colour copy of the original identity card.(2) In case of the employee not to be sure whether the identity card presented is valid or authentic, it is possible to check authenticity and protective elements against forgery using the on-line system „PRADO – public registry of valid identity cards and passports“. The system is available for free at http://prado.consilium.europa.eu/. More, the system provides references to national sites of document issuers, where it is possible to check whether the document has not been marked as stolen, missing or otherwise excluded from the evidence.§ 35. Identification data of a natural person(1) On the basis of the identity card presented or delivered, the employee checks and records all of the below stated identification data:(a) all the names and surnames of the customer (if there may appear any doubts – in case of foreigners – which is the name and which is the surname, the surname is written in capital letters)(b) personal number; if it was not assigned, then the date of birth(c) place of birth (including the country in case of the place of birth to be outside the Czech Republic)(d) sex(e) permanent or other residence(f) citizenship(g) type and number of identity card(h) country, respectively authority issuing the identity card(i) term of validity of the identity card.§ 36. Absence of identification data of a natural person(1) In practice there may occur a situation when some required data are not apparent from the identity card presented or sent, because they are not contained there. In such a situation the employee directly asks the identified person about the missing data and asks the person to communicate the data in written or oral form (unless it has already done so e.g., in an application for use of services) and to supported by a supporting document. In case of the person not to have the supporting document, there is no other possibility but to rely on the statement. The procedure applies mainly to permanent or other residence which is usually not specified in a passport.(2) Regarding the individual identification data established only on the basis of oral communication (and possibly verified from some supporting document only) it is necessary to note that they were verified on the basis of an identity card – it is done by writing „not verified“ or the abbreviation „not verif.” at a specific data.§ 37. Initial identification of a natural person - entrepreneur(1) In case of the customer to conduct in the business relation as a natural person – entrepreneur, it is necessary – together with the above stated process of identification of a natural person – to record and check even all of the below stated data:trade name, differing amendment or other markingplace of businessidentification number of the person.(2) The employee will verify the above stated data on the basis of a document presented by the customer regarding registration of the natural person in the evidence of natural persons – entrepreneurs or the employee may arrange such a document by himself. The document is most frequently an original or a legalised copy of an extract from the trade registry or commercial registry or some similar evidence. The document must contain currently valid data.(3) Even those identification data are recorded in the contractual documentation.§ 38. Procedure for the initial identification of a legal entity(1) In case of the customer to be a legal entity, the identification of each person acting on its behalf in business relation establishment must be performed, while the employee also identifies the legal person (i.e., the customer himself). More, it is also necessary to identify every person to act on behalf of the customer in the course of the business relation duration (so called agent / managing clerk).(2) The employee proceeds as follows: the customer presents a proof on existence of a legal entity or the employee obtains it by himself. The document includes mainly:(a) original or certified copy of an extract from the trade register in case of legal entities registered in such a registry (mainly business corporations)(b) record from initial session of the municipal council in case of a municipality(c) extract from the registry of churches and religious organizations as issued by the Ministry of Culture of the Czech Republic(d) similar evidences in abroad(e) in case that there is not any such evidence in the country of headquarters of a foreign entity, then an officially legalised Articles of incorporation or some other document establishing the foreign entity and containing all the changes.(3) The employee must always have available an original copy or certified copy of the proof of existence of the foreign entity. In case of a legal entity registered in the trade register in the Czech Republic, the employee may make an extract from the trade register by himself from the address or.justice.cz, because there are signed by a guaranteed electronic signature and they are considered to be an original.(4) The document on existence of a legal entity must contain the currently valid data and the document may not be older than 6 months. Using the presented or obtained document, the employee will check and record the below stated identification data of the legal entity.(5) In case of the customer to present a proof of existence of the legal entity issued in another country, it is necessary to pay extra attention to the fact whether it was issued by an entitled authority. It is not possible to consider a private subject to be an entitled authority – just the public administration authority of the foreign country. In case of the document to be issued in a language that is not known to the employee, the employee will require an official translation to Czech Language. In case of the employee to be in doubts regarding the credibility of the document presented, the employee will refuse performance of the identification and he will ask the customer for a credible document.§ 39. Identification data of a legal entity(1) Identification data of a legal entity are all of the below stated data:(a) trade name or name, including the differing amendment or other marking(b) headquarters of the company (address and country)(c) identification number of the company or similar number assigned abroad(d) data of each natural person being a statutory authority or its member and allowing its clear identification; it concerns the following data as a minimum: all the names and surnames, dates of birth, permanent or other residence and citizenship.(2) In case of another legal entity to be the statutory authority, its member or controlling person (see the definition in Chapter I.5), there will be recorded event its identification data as specified above.(3) In case of the customer to be a trust fund or some other legal organisation without legal personality, the identification data include its marking and identification data of its administrator, manager or person in similar position according to this chapter (these may be natural persons or legal entities).(4) The document Risk Assessment may (so as to eliminate ML-FT risks) set even other identification data that must be obtained, recorded and possibly also checked. The treasurer must respect the extended list.§ 40. Initial identification of a customer on the basis of a power of attorney(1) In case of the customer (a natural person or a legal entity) to be represented on the basis of a power of attorney, the employee proceeds as follows:(a) The attorney must present or deliver to the employee the power of attorney he acts upon and he must do so always before the business relation establishment. There is accepted only the original of the power of attorney or its legalised copy, not a standard scan or plain copy. The signature of the donor of powers need not be legalised, but it is recommended in consideration of higher business safety. The employee will keep the document on permanent basis.(b) More, the employee performs identification of the attorney using the procedure as described in this chapter. The attorney and the donor of powers may be a natural person or a legal entity and identification may be performed „face to face“ or on „remote“ basis.(c) More, the attorney will prove the identification data of the donor of powers. It is not necessary to identify the donor of powers „face to face“, his clear identification should emerge from the power of attorney.(d) More, the employee states in the record of identification data of the attorney and the donor of powers that it is representation based on the power of attorney. Only then the identification is finished in full.§ 41. Initial identification of the represented customer(1) In case of the customer to be represented by a legal representative or a custodian, the employee proceeds as follows:(a) The statutory representative must prove to the employee an appropriate legal relation on the basis of which he acts, always before the deal realization. The statutory representative is responsible for correct identification of the represented person. There is accepted only an original or certified copy of the document, not a standard scan or ordinary copy. The employee need not keep the document, it is sufficient to make a plain copy or – in case of a court resolution – he just records the file number.(b) Then, the employee performs identification of the statutory representative. It may be a natural person or a legal entity and the identification may be performed „face to face“ or on „remote“ basis.(c) Then, the statutory representative proves the identification data of the donor of powers. It is not necessary to identify the represented person „face to face“. A suitable form of proving is supposed to be e.g., the fact that identification data of the customer emerge from the document on representation or it is also possible to accept a written declaration of the statutory representative on such data.(d) More, the employee states in the record with identification data of the statutory representative and the represented person that the customer is represented by a statutory representative. Only then the identification is finished in full.§ 42. Initial identification of the customer on the basis of the deed of identification(1) The initial identification of the customer (including a customer represented on the basis of the power of attorney or by a legal representative) may also be performed by the notary public or contact point of public administration (so called CZECH point) by writing so called deed on identification. The deed contains – in the form of non-detachable appendix – the documents on the basis of which the identification was performed and that clearly depict the customer.(2) In such a case the employee checks the presented original of the identification deed and its appendices, then he checks completeness and readability of data. Then the employee performs the initial identification without physical presence of the customer in such a way as if the original document is presented. The original of the identification deed must be permanently kept. Only then, the initial customer’s identification is performed in full.II.3. Procedure for Establishment of a Politically Exposed Person§ 43. Establishment of a politically exposed person(1) In case of the customer to be a natural person, the fact whether it is a PEP or not is established only at the customer himself (i.e., the natural persons) and not at possible attorney, statutory representative or a guardian.(2) If the customer is a legal entity, the fact whether it is a PEP or not is established for the following persons:(a) any person acting on behalf of the customer in the matter of trade or business relationship (acting person) and then(b) each statutory representative of the customer - including those who do not act in the matter of business (members of the statutory body and further, if the member of the statutory body of the customer is a legal entity and its representative)(c) any beneficial owner of the customer.(3) The PEP definition is contained in Chapter I.3.(4) The customer that has PEP in its structure is subject of EDD.§ 44. Establishment procedure(1) PEP establishment is performed by declaration of the customer or a person acting on customer’s behalf (statutory representative, proxy, attorney, legal representative, guardian, etc.) or by searching of the fact in the commercially distributed system for control and search for „risk“ customers, based on information from public resources and provided in the form of a paid service by some specialised business subjects. It is also allowed for the employee to perform own investigations, e.g., while using open sources of information (Internet, etc.). The employee uses websites such as Facebook, LinkedIn, Instagram, Twitter, Forbes, Google, and others, as well as the national list of PEP functions, to collect information, analyze it, and make a decision. The employee always uses a combination of at least two methods of PEP research.(2) In case of the explanation or definition of PEP not to be placed directly in the declaration or if the declaration is obtained orally, it is necessary for the customer to have a possibility to get acquainted with definition of the term. That is why it is recommended to publish the PEP term definition visibly, directly in the shop or in the place of negotiations with the customer, so as the customer may get acquainted with it, ideally in a language comprehensible for him/her.(3) In case of the customer to make the PEP declaration (in written or oral form) in the past, it is advisable to get it repeatedly, due to the fact that it may change. It is also recommended to check the fact with some periodicity in the course of the business relation duration.(4) In case of the customer to state to be a PEP or in case of the employee to know that from another source, the employee must establish (from the customer or in a different way) the following information:(a) identification of function respectively even other details about it(b) respectively description of relation to a person in leading position (if it is a person from his/her „family“ or „business“ environment, who is not in any leading position(c) respectively at least approximately date of finishing the function (if the function has been terminated).II.4. Procedure for Verification of International Sanctions§ 45. International Sanctions(1) International sanctions are a set of restrictive measures that the international communities (UN, EU) use as a tool to maintain or restore international peace and security, protect fundamental human rights, and fight terrorism. They are accepted by the competent authorities (UN Security Council, EU Council or European Commission) in the form of resolutions or decisions and regulations. In addition, the Czech Republic has a local individual list of 'intra-European terrorist groups'.(2) The Czech Republic applies two types of sanctions:(a) sanctions, which it applies towards specific natural and legal persons, listed on the sanction lists (so called sanctioned persons)(b) sanctions, which it applies towards certain types of goods (so called sector sanctions).(3) The following types of sanction regulations are legally binding (directly applicable) in the Czech Republic:(a) resolutions of the United Nations Security Council(b) resolutions of the EU Council or Commission (see https://sanctionsmap.eu)(c) resolution of the Czech Republic government (see http://www.amlsystems.cz/AML-dokumenty).(4) Carrying out of international sanctions in the Czech Republic is partially regulated by the AML Act and also by Act No. 69/2006 Coll., on Carrying out of International Sanctions.(5) For more information on the application of international sanctions, please consult the Financial Analytical Office website at: http://www.financnianalytickyurad.cz/mezinarodni-sankce.html.(6) The obligation to enforce international sanctions also applies to any other activities of Innovation Service Group Ltd., not only to those covered by this document.§ 46. Sanction lists(1) Two groups of sanction lists are legally binding for the Czech Republic:(a) sanction regulations coming out from EU law accessible through EUR-Lex - access to European Union law at http://eur-lex.europa.eu.(b) Government Decree No. 210/2008 Coll., On Implementation of Special Measures to Combat Terrorism, as amended, located eg at http://www.amlsystems.cz/AML-documents.(2) The responsible person shall give employees access to these lists.§ 47. Screened persons(1) Prior to establishing each business relationship and then with the specified periodicity, the employee must verify whether the Czech Republic does not apply international sanctions against the customer or the persons associated with the customer. The verification periodicity of international sanctions should be set so that no service is ever provided to a customer that is subject to international sanctions - i.e., ideally prior to the provision of each virtual assets service or at least once a day, or possibly whenever the sanction lists are updated.(2) If the customer is a natural person, the screening includes the customer himself / herself and, if applicable, also all the persons acting on behalf of the customer (proxy, legal representative, guardian).(3) If the customer is a legal person, this screening includes the following persons (both natural and legal):(a) the customer itself (a legal person in this case); and also(b) all members of the statutory body (these may be natural or legal persons); and(c) all controlling persons (see the definition in the Chapter I.5); and(d) all persons that are the beneficial owners of the legal person (which is identified during the initial check of the customer, according to the Chapter II.5, these may be natural persons only); and(e) possibly also an agent, proxy, legal representative, and guardian(f) with all the persons the identity of which the company established within the scope of identification or control (mainly all the persons from the management and control structure of the customer).(4) Furthermore, in the duration of the business relationship, it is always necessary to verify the international sanctions against the counterparty of the customer's transaction (if the counterparty of the company is known), especially if Innovation Service Group Ltd. ensures the execution of payments, taking into account all the information accompanying these transactions (e.g., the requisites of SWIFT messages, SEPA payments and letters of credit etc.)§ 48. Search for a person in sanction lists(1) The fact whether the Czech Republic applies international sanctions against the customer or the persons associated with the customer is found out by the employee by looking all the aforementioned persons (both natural and legal) up in the currently valid and available sanction lists.(2) The contents of these two lists differ. If the person is found in any of these sanction lists, it means that the Czech Republic applies international sanctions against this person. In the case that the person is not in one of the mentioned sanction lists, the Czech Republic is considered not to apply any sanctions against this person.(3) The employee has the obligation to create a record about the screening and the result, which corresponds to the requirement of reconstruct ability according to Chapter V.6, i.e., it contains at least the following information:(a) date of verification and name of the person who performed the verification (if performed by a specific employee and not automated)(b) a list of natural and legal persons that have been reviewed in the sanction lists(c) information on the sanction lists under which the verification was carried out(d) result of verification (negative or positive finding).§ 49. Sanction programs(1) In addition to verification of the persons' presence on the sanction lists, the AML officer and the employee must be familiar with the currently effective EU sanction programs. The Czech Republic, as a member country of the EU, does not only apply sanctions to certain persons only, but also to certain types of goods or services. It may happen (even during a business relationship) that the inspection of the customer indicates, based on the customer's communication or based on the submitted documents, that the customer uses the services of the company to trade or transfer (on the customer's own behalf or on another person's behalf ) goods or services subject to international sanctions, e.g., the customer states that the payment relates to the movement of the goods and it turns out that it concerns so called dual-use goods that can also be used for military purposes and the expedition of such goods to some countries is forbidden).The list of currently applicable sanctions is included in the "Consolidated list of sanctions" section: https://eeas.europa.eu/topics/sanctions-policy/8442/consolidated-list-of-sanctions_en.§ 50. Procedure in case of a person to which the international sanctions apply(1) In case the Czech Republic applies international sanctions against the customer or the persons associated with the customer or if the virtual assets service are in any way related to international sanctions, such negotiation regarding establishment of a business relationship or provision of virtual assets service is inevitably a suspicious transaction, and it is necessary to take all the steps listed in the Chapter IV.2.(2) It is also necessary for the employee to ensure that the company proceeds in accordance with the specific sanction and in accordance with Act No. 69/2006 Coll., on Carrying out of International Sanctions. For this purpose, contact both the AML officer and the statutory body of Innovation Service Group Ltd. and coordinate the next step with it.II.5. Procedure during the Initial Customer Check§ 51. Initial customer check(1) The purpose of the initial customer check is to obtain information about the customer, necessary for the assessment, in particular:(a) whether the customer does not represent any risk for Innovation Service Group Ltd. from the point of view of money laundering and financing of terrorism and in the preparation of its risk profile;(b) whether the customer meets the customer's eligibility criteria (i.e., whether Innovation Service Group Ltd. will provide any services for the customer at all)(c) whether the services provided subsequently during the duration of the business relationship do not show signs of suspicious trade, which would be subject to the notification obligation under according to the Chapter IV.2.§ 52. Procedure during the initial customer check(1) The initial customer check is performed by the employee, who will:(a) find out and record what is the purpose of the intended business relationship (the purpose for which the customer will use the services); and(b) find out, verify, and record the source of funds or other assets that will be the subject of the business relationship; and(c) if the customer is a natural person, find out and record the list of all countries where the customer has a nationality and also a permanent or other stay; and(d) if the customer is a legal entity, find out and record the list of all countries where the customer has its registered office, branches; and(e) if the customer is a legal entity, find out and record information about the customer's ownership and management structure and further identify and record its beneficial owner so that it can be identified and always record the method and source of the findings of the beneficial owner, unless this is clear from the documents or records kept(f) if the customer is a legal entity or a natural person doing business, it also detects and records a detailed description of all the customer's activities (not only those related to virtual assets service) - in order to fully understand his / her activities(2) In addition, the employee will also find out whether the customer will act or act solely on his / her own behalf or whether he / she represents or will represent another person (especially the so-called Agency Agreement). If this is the case, the employee will perform a review to identify, understand and document the activities of the represented person, their ownership and management structure, and the beneficial owner as if they were the customer himself. In addition, the employee obtains representation documents.§ 53. Procedure for finding and verification of data(1) The employee finds out the data necessary for the check primarily by the means of his / her own investigation and from the available documents and also from the customer's statement.(2) The purpose of the business relationship is often understood from the interview with the customer, or the customer declares it.(3) The source of funds is often implied by the accounting documents entered into the collection of documents of the customer registered in the Commercial Register in the Czech Republic, by the published annual reports, and by the trade licenses that the customer has and through which the customer generates funds. The source means a one-time event (e.g., inheritance, sale of real estate, winnings, sale of other assets, etc.) or continuous activity (funds from the customer's business, from his employment, etc.). The employee must always obtain sufficient information in order to verify the source of funds, i.e., to assess whether such sources are possible and possibly also legal. In the case of one-time sums, the employee must find out more details (such as from whom the inheritance was inherited and in what amount, which property and for what amount was sold, the amount of the winnings and by which game operator it was paid). In the case of repeated income, its source, i.e., denomination of the business or the employer, and the approximate amount of such regular income.(4) The list of all countries where the customer (natural person) has a nationality and a permanent or other residence, as well as the list of all countries where the customer (legal person) has its registered office, branches, organizational units, or premises, from the customer's website, or from the customer's statement.(5) Information about the ownership and management structure and about the beneficial owner of the customer, legal persons will be found by the employee, in particular, by his / her own research of publicly available information (information contained in the extract from the Commercial Register, documents from the of the General Meetings based on the collection of documents kept by the registry court, etc.). If this information cannot be found, the employee will ask the customer for his statement and possibly a proof. The method of obtaining the ownership and management structure data and the beneficial owner will also be recorded by the employee (i.e., the source and the procedure by which the employee obtained the information). The management structure is determined by the employee to the second level: the first level is the management structure of the customer itself; the second level is the management structure of the controlling person (the parent company). Identification of the management structure does not apply to "sister" companies, unless it is necessary from the risk assessment point of view.§ 54. Verification of the data obtained during the check(1) If the employee assesses that there are doubts about the truthfulness or completeness of the data that the customer has stated during the check, he / she will ask the customer to prove the data obtained during the check by the relevant documents:(a) The source of funds and the purpose of the business relationship can usually be verified from accounting documents, statements from the person managing the customer's accounts, statements from the statutory body (in case of a legal person), confirmation issued by a bank or other third party, etc.(b) The beneficial owner of the legal person can be verified, in particular, from the last minutes of the general meeting. Only originals or certified copies of the submitted documents are accepted.(2) Only originals or certified copies of the submitted documents are accepted. The employees will make regular copies of these documents and he / she will keep them permanently.§ 55. Application of risk-based approach(1) The Risk Assessment document may specify the level of detail of the information that the cashier will require about the management structure for the types of customers, services, or methods of providing them. In addition, it can determine the degree of reliability of the documents that the cashier will require when acquiring them (e.g., a mere statement or declaration from the customer will be insufficient, etc.).II.6. Creation of Customer’s Risk Profile§ 56. Creation of the Customer’s risk profile(1) Prior to establishing the business relationship, the employee will create a risk profile of the customer. This is a characteristic of the particular customer.(2) If a business relationship has been established in the past and it lasts (the customer uses other company services), the risk profile will be updated when establishing any further business relationship.(3) The risk profile is compiled with respect to all the information that Innovation Service Group Ltd. has about the customer, i.e., not only the information obtained during the initial identification and check but also other information that the employee acquires and also with regard to the information that the company possibly has from previous business relationships that have been terminated.§ 57. Risk profile(1) The customer's risk profile means the assessment of the customer that represents a potential risk that the services of Innovation Service Group Ltd. may be misused by the customer for the purpose of legalizing proceeds of crime or for financing of terrorism. As part of the risk profile, the customers are classified into the following groups according to the risk factor that has occurred in their case:(a) a customer with the type A risk profile – i.e., a customer without an identified risk factor(b) a customer with the type B risk profile – i.e., a customer with a low identified risk factor(c) a customer with the type C risk profile – i.e., a customer with an identified risk factor(d) a customer with the type D risk profile – i.e., a customer with a high identified risk factor(e) a customer with the type E risk profile C – i.e., an unacceptable customer.(2) The risk profile is crucial in two respects:(a) influences the periodicity and intensity of the actions performed under this document(b) serves as an essential piece of information when assessing suspicious transactions.§ 58. Risk factors(1) The risk factor means the characteristic of the customer, the product provided to the customer, or the way it is provided to the customer, which increases the risk that the services of Innovation Service Group Ltd. may be misused by the customer for the purpose of legalizing proceeds of crime or for financing of terrorism.(2) Due to the presence or absence of the risk factors, the customer is assigned the type A, B, C, D or E risk profile.§ 59. Risk profile - type A(1) The customer is assigned the risk profile of the type A if there are no known risk factors which would assign the customer the risk profile of type B, C, D or E.(2) A customer with a risk profile of type A does not represent for the company Innovation Service Group Ltd. no, or only very small (negligible) risk in terms of money laundering and terrorism financing, in case of:(a) The jurisdiction of the client is low risk (as per Annex 5),(b) The country of origin of the beneficial owner and representative is low risk (as per Annex 5),(c) The monthly turnover of the client is less than 5 000 EUR,(d) The client's business activity is low or medium risk (as per Annex 6).(e) Where there are no known risk factors to assign a risk profile of type B, C, D or E.§ 60. Risk profile - type B, C, D(1) The customer is assigned the risk profile of the type B, C or D if there are no known risk factors which would assign the customer the risk profile of type E and at the same time, any of the risk factors listed in the Risk Assessment document as risk factors of the type B, C or D are found.(2) A client with a Type B risk profile poses a low risk to the Innovation Service Group Ltd. in terms of money laundering and terrorist financing. To obtain this risk profile, the client must meet the following conditions:(a) The client's jurisdiction is low risk (as defined in Annex 5),(b) The customer's monthly turnover is less than 10 000 EUR,(c) The client's business is low or medium risk (as set out in Annex 6),(d) Where there are no known risk factors to assign a C or D risk profile.(3) A client with a Type C risk profile poses a money laundering and terrorist financing risk to the Company. To obtain this risk profile, the client must meet the following conditions:(a) The customer's monthly turnover is less than 15 000 EUR,(b) There are no known risk factors to be assigned a Type D risk profile.(4) A customer with a Type D risk profile poses a high risk to the Company in terms of money laundering and terrorist financing. He is always an EDD subject.(5) A customer with the risk profile of the type B, C or D represents for Innovation Service Group Ltd. the potential risk from the point of view of legalization of proceeds from crime and financing of terrorism and therefore all employees, including the AML officer, must:pay high attention when assessing any suspicious behaviour of this customer according to Chapter IV.1,to place increased demands on the accuracy of information provided by the customer within the framework of the initial or continuous check, or possibly to substantiate the declared information by means of a specific document;to carry out a continuous check of the customer at least once in a certain time period specified in the Risk Assessmentcheck for each transaction that exceeds the amount specified in the Risk Assessmentcarry out a continuous check of a certain number of transactions selected at random over a certain amount of time; the time interval, the number of transactions selected at random and the minimum amount are set by the Risk Assessmentobtain AML, KYC and other similar regulations from the Customer if the Customer's activity requires them to be processed and to assess whether they are sufficient.§ 61. Risk profile - type E(1) The customer is assigned the risk profile of the E type in the event that any of the risk factors listed in the Risk Assessment document is found with the customer, making the customer unacceptable.(2) A customer with the risk profile of the type E represents for Innovation Service Group Ltd. extremely high risk from the point of view of the legalization of proceeds from crime and the financing of terrorism. In the event that the customer is assigned the type E risk profile, the business relationship will not be established with the customer, or the business relationship with the customer will be terminated and no other service will be provided for the customer. It is assumed that the customer in this situation no longer meets the customer's eligibility conditions.(3) In this case, the termination of the business relationship or refusal to provide any service will be ensured by the AML officer. Without unnecessary delays, the AML officer will take all necessary steps to ensure that the business relationship is effectively and legally discontinued. The AML officer will also prevent any new services from being provided to the customer until the business relationship is terminated.(4) In addition, it is necessary to pay close attention when assessing whether the customer's behaviour does not show signs of suspicious trade under the Chapter IV.1.II.7. Establishing a Business Relation§ 62. Establishing a business relationship(1) A business relationship can only be established with the customer if all three of the following conditions are met:(a) the operations preceding the establishment of the business relationship under the Chapter II.1 have been fully performed; and(b) the AML officer has approved the establishment of the business relationship if required by it in the Risk Assessment; and(c) if the customer is a PEP, a consent to the establishment of the business relationship must be issued by the statutory body of Innovation Service Group Ltd. or a person appointed by it; there must be a record written about the consent issued; and(d) none of the facts mentioned in the Chapter II.8 has occurred.(2) The business relationship is established by signing the documents on the basis of which the business relationship is established, or when the services are made available for the customer, whichever comes first.§ 63. Instructing the customer about the need to report changes of the data(1) In addition, when establishing the business relationship, the customer will be obliged to notify all changes to the data the customer has provided during the establishment of the business relationship. These include in particular:(a) the data provided at initial customer identification(b) changes in the fact that the customer or the customer's beneficial owner is or is not a PEP(c) changes in the list of people who are considered to be the beneficial owner of the customer(d) the data provided during the customer control, etc.(2) The Customer must make the notification of the change of the data or of its completion without any delay, but not later than prior to being provided with the next virtual assets service. The customer will also be informed that failure to notify a change may be a reason for termination of the business relationship.II.8. Ban to Enter a Business Relationship§ 64. Ban to establish a business relationship(1) The company Innovation Service Group Ltd. rejects to enter into a business relationship with a customer if:(a) the customer does not provide us with required cooperation within the performance of the verification and initial identification – i.e., does not provide with the information and data required or does not support these with relevant documents (if required), or(b) if there have emerged any doubts related to the correctness and completeness of the information provided to us by a customer within the initial identification or initial verification, or(c) if there was established any suspicion that a customer has provided us with untrue, distorted or incomplete information or in the event when a customer submitted false, altered or untrustworthy documents(d) due to any other reason is not possible to perform the initial identification or initial verification of a customer, or(e) it is clear at the customer that the intended business relationship is intended to provide services to a person other than himself (i.e., he acts solely as an intermediary or identity provider) and the customer does not present a power of attorney; or(f) the customer is subject to EDD and the statutory body Innovation Service Group Ltd. or the person authorized by it has not consented to the establishment of a business relationship(g) the customer is PEP and Innovation Service Group Ltd. does not know the origin of the property that the customer will use for each service(h) the customer has been, pursuant to its risk rate, ranked within a group of customers with which the company shall not establish any business relationship.(2) In the event when the establishment of business relationship is refused, a closer attention of employees shall be focused on the facts, whether the behaviour of a customer, due to which such a situation emerged, is typical of suspicious business characteristics, pursuant to the Chapter IV.1.(3) The document titled Risk Assessment may determine for individual types of the customers, services or services provision methods even other circumstances, under which the business shall not be performed. Next, it can determine the rules of customer acceptance – i.e., features of a customer who is not allowed to be provided with the services (or certain type of service). Our employee is obliged to respect the extended list. III. Business Relation with clientIII.1. Obligations in the Course of the Business Relation Duration§ 65. List of obligations(1) Within the duration of the business relationship entered into with a customer, the company Innovation Service Group Ltd. is obliged to perform, in particular, the following:(a) if the customer appoints a new joint holder, i.e., a person who will newly execute trades on behalf of the customer (e.g., enter virtual asset orders for transfers), he / she will also identify him / her; the joint holder may act on behalf of the customer only after the company receives the power of attorney to represent the customer in the execution of transactions or has the right to represent the customer as a statutory body or its member or is the legal representative of the customer(b) check the validity and completeness of the data obtained in the framework of the customer's identification (when establishing a business relationship, also continuous, including the status of PEP) and record their changes and additions(c) continuously verify whether the Czech Republic is applying international sanctions against the customer or a related person, including those who are a counterparty to the trade, if the company becomes aware of them(d) carry out a continuous check of the customer(e) continuously update the customer's risk profile (categorize the customer according to risk factors) - if there is a change, the AML officer must be informed and the customer must assess whether the business relationship is terminated; The AML officer shall take into account, in particular, the obligations under Chapter III.2 and the customer's risk profile, in particular if it is of type B, C, D or even E; this must be done by the AML officer no later than before the next transaction (especially before the next virtual assets service is provided)(f) to continually assess whether the behaviour of the customer or of the persons acting on his / her behalf shows any signs of suspicious trade or whether the services provided to the customer indicate this(g) refuse to provide a service in certain situations and possibly terminate the business relationship(h) if the customer is a PEP, all substantial changes to the framework virtual assets service contract that have been triggered by the customer's request (egg request to increase limits, new joint holder, etc.) must be approved by the statutory body of Innovation Service Group Ltd. and the approval to create an alert; The risk assessment may be determined by other groups of risk customers for whom the AML officer approves these significant changes in the business relationship.(2) The Risk Assessment document may determine, for each customer risk group, the frequency or circumstances that trigger the need to meet individual obligations during the business relationship, as well as the intensity with which those ongoing obligations need to be met. It is the fulfilment of a risk-oriented approach to monitoring and managing the business relationship.§ 66. Check of information in case of doubts(1) Whenever doubts arise as to the information or data (obtained as part of customer identification or control), the employee shall verify this information without undue delay. This is done by verifying the information either from publicly available sources or by contacting the customer to provide appropriate explanations and possibly documents.§ 67. Assessment of customer's behaviour(1) Within the duration of the business relationship, all the employees shall assess, whether the behaviour of a customer or the persons acting on behalf of a customer, is not typical of a suspicious business. This kind of behaviour is understood as the behaviour related to the services, as well as the behaviour of a customer towards the company Innovation Service Group Ltd. which is not directly related to the provision of services.(2) This assessment shall be performed by the employee, according to Chapter IV.1§ 68. Updates of customer's risk profile(1) Throughout the business relationship, all employees continually update the customer's risk profile. This means that if there is a circumstance that causes a worsening of the customer's risk profile, there will be a change, or vice versa - if circumstances worsening the customer's risk profile disappear, it will change in the opposite direction, if permissible. The rules and factors set out in Chapter II.6 and in the Risk Assessment will be used to update the risk profile.(2) The frequency of updating the customer's risk profile is determined by the Risk Assessment.(3) The employee always keeps a record of changes in the customer's risk profile, which enables the situation to be reconstructed - i.e., it includes information on the reason for the change, the method of finding, source and eventual verification of the circumstances, date and information on the currently valid risk profile data. The history of changes in the risk profile must show all its changes, i.e., previous information is not deleted, only new one is added.III.2. Data Updates§ 69. Customer's data changes and information added(1) In the course of the business relation duration, the employee must check the validity and completeness of the customer's data, which is stored in the customer's file. In particular, the following ones:(a) Validity and completeness of the identification data, including changes in the personal composition of Customer's statutory body – a legal person(b) Information whether any facts have not been changed, whether any of persons is a PEP person or not(c) Information whether the Czech Republic has not applied international sanctions towards a customer(d) Validity and completeness of the data sourced within the verification of a customer, in particular the information whether the intended purpose of business relationship still persists, whether the source of financial funds used by a customer is still up to date, whether in case of that customer – a legal person – has not been changed the ownership and management structure or beneficial owners, a list of all countries in which the company has its registered office, branches, business divisions or establishments, and if that customer is a natural person, then information on a list of countries in which that customer is having a citizenship, as well as permanent or other kind of residence(e) Reasoning why the simplified identification and verification was applied to a customer (where applicable).(2) In the event, when customer's identity card validity has expired, i.e., the identity card, on the basis of which a customer, a natural person, was verified, there is no need to have the data on new identity card. However, if customer's identification data has been changed, there is necessary to verify the new data from his/her identity card and record even the information on his/her identity card in which the new data is stated. The data on original identity card shall not be deleted.(3) Every change or data added shall be recorded by the employee. The record shall be entered by the employee who found out such a data change or who found out the information which shall be necessarily added, or who was given such information on change from a customer.(4) A change or completion shall be performed as follows: the originally recorded information shall be supplemented with the new one. It is necessary to proceed in such a way which allows us to distinguish whether this is the case of a data change or just a data completion (i.e., whether the originally recorded data stays valid or not). Moreover, it shall be apparent who from our employees and when (date) has entered the data change or data completion, or the source of data verification shall be identified.(5) If this is the case of data change, the originally recorded data cannot be deleted, in spite of the fact such data is not valid anymore; it is necessary to keep it stored as the data which was valid in the past (including the documents which supported the data – if required).(6) Furthermore, if it is required during the procedure of changed or supplemented data sourcing to support such a new information with any document or verification upon any kind of declaration, power of attorney or other document, then it is necessary to submit such a document or perform its verification within its full scope.III.3. Verification of a Customer in the Course of the Business Relation Duration§ 70. Continuous verification of a customer(1) The continuous verification of a customer is aimed to trace the services provided to a customer during the business relationship in order to be able to verify whether the transactions and acts were in compliance with the facts known to the company Innovation Service Group Ltd. about the customer.(a) the services used are consistent with the client's financial circumstances and economic activity(b) the services used are consistent with the originally intended purpose of the business relationship (product used)(c) the services are not used by a person other than the client, i.e. in particular whether they serve as an instrument for the transfer or storage of funds to a person other than the client.(2) This monitoring is essential to assess whether the services provided to the client do not exhibit the characteristics of suspicious business under Chapter IV.1. In particular, the automated system assesses the following information:(a) the volumes of funds that the client transfers using the services of the company or accumulates with the company(b) the type of payments made, destinations, recipients, volumes, etc.(3) A continuous verification shall be understood as assessment procedure focused on the fact whether a customer was provided with services that correspond with his/her property relations and with the intended purpose of a service (this is related to a product which is being provided to a customer). If a customer uses the services from company Innovation Service Group Ltd. beyond the property relations declared by him/her or if a customer uses the services which are contrary to the intended purpose of the business relationship (i.e. the subject-matter product) and in contrary to the purpose typical of a certain type of customers, then this is the reason for further investigation of a customer in order to find out whether this case is or is not of suspicious business.(4) Customer's risk profile shall be understood also as the key factor during the procedure of continuous verification. If a customer was ranked with a type B, C, D risk profile, then this kind of assessment increases:(a) The frequency of continuous verification performance, and also(b) The intensity under which is the continuous verification performed, and also(c) The requirement for information reliability, i.e. the information which is submitted by a customer – his/her statements or declaration are not sufficient any more, but other documents shall be required having in view that the documents of highest possible reliability are these which were verified by a third party, nor just by a customer, ideally such a person shall be acting independently and shall be a recognised authority (state administration bodies, an auditor, etc.).(5) Special attention shall be focused on a PEP person active beyond the EU or on a PEP person active within the territory of EU, i.e. the persons in case of which was found out a risk factor. Such persons are considered risky, having in view the fact they may dispose of property of corruption origins or other similar behaviour, or from subsidy frauds. As for this person, the alert (generated by automatic data-processing system) limits shall be for the purposes of its generation pre-set (at the level of regularly received income of a person in certain position performed currently within the PEP person, including some reserve from gathered savings). If such a customer is using the services beyond his/her current property means known to the company Innovation Service Group Ltd., then it is necessary to find out and eventually let a customer document the resources of his/her funds. The company shall be anytime aware of financial funds origin of a customer who is considered PEP person (incl. PEP legal person) that is active beyond EU, namely for the period for which is the position held, and also at least one year after this period.(6) In the event when the employee suspects a customer, he/she did not state false, distorted, or incomplete information, the employee shall then ask a customer to submit relevant documents (if possible). It can be done via an account statement, accounting records, declaration performed by a person responsible for keeping accounts of a customer, etc. The employee shall accept only the original documents or certified copies of the documents. Once they are submitted the continuous verification may be considered passed.§ 71. Customer’s Business Control(1) The customer’s business control shall be understood as the additional type of customer’s control during the course of business relation.(2) In particular, the procedure shall monitor whether:(a) The services provided to a customer are in compliance with the customer's property relations and economic activities(b) The services which were sourced by a customer are in compliance with the originally intended purpose of the business relationship (used product)(c) The services are not used by any person other than a customer, i.e. in particular whether the service is not used as a transfer tool or whether the financial funds are not kept for other person than for a customer.(3) This kind of monitoring procedure is essential to be able to assess whether the services provided to a customer are not typical of suspicious business, pursuant to Chapter IV.1.(4) Customer’s Business Control shall be performed in the event when the customer exceeds the limit, which was set during initial control. This procedure is performed by the employee who monitors the services provided towards a customer. While the automatic data-processing system shall assess, in particular, the following information:(a) The volumes of financial funds which are being transferred using the company services, or whether such funds are being gathered and kept with the company(b) A type of payments made, payment destination, a payee, volumes, etc.(5) If a customer during the business control is assigned a new type of risk profile, an employee shall rely on the Risk Assessment document, where are described processes for each customer risk group, as well as the intensity with which those ongoing obligations need to be met. In this case an employee shall also request:(a) The information about the customer’s economic activity and(b) Documents confirming the customer’s income How to proceed in case of a suspicion(1) In this case, particular attention may be given by the employee to the assessment procedure, especially whether customer's behaviour is of suspicious features, in accordance with Chapter IV.1.§ 72. Records of continuous and business control(1) A record must be made and kept of each continuous check, from which all events can be reconstructed (i.e., in particular that a periodic scan has been carried out, that a warning has been issued, who handled it and how, data from it, any other documents obtained, etc.).§ 73. Customer's obligation to provide us with cooperation(1) A customer is obliged to undergo the continuous verification, i.e., submit all the required information and present the documents to support declared facts (if required by the employee). In the event when a customer did not provide us with sufficient cooperation in the course of continuous verification, then he/she cannot be provided with the service (i.e., financial funds kept with the company Innovation Service Group Ltd. will not be transferred to any payee unless a customer undergoes the verification procedure), the business relationship will be terminated (according to Chapter III.2), and simultaneously this is a feature of suspicious business according to Chapter IV.1, and it is necessary to follow the procedure shown in Chapter IV.2, and this kind of suspicious business shall be reported.§ 74. Applying the risk- oriented approach(1) The document titled Risk Assessment may determine for each type of customers, services or ways how to provide the customers with the services, the level of information details on management structure, and such information is then required at the cash counter. Next, the document may determine the level of document reliability, i.e., what kind of documents are allowed to be accepted by a cashier during the verification procedure (e.g., simple declaration of a customer will be excluded, etc.).III.4. Ban to Provide Service and the Obligation to Terminate a Business Relation§ 75. Ban to provide service(1) A customer will not be provided with the service and business relationship with a customer will be terminated if any of the following facts would emerge:(a) A customer rejects to undergo the identification, if its performance becomes obligatory (e.g., if identification data has been changes or should be completed)(b) A customer rejects to submit a power of attorney if there has emerged a reason to submit this kind of document (e.g., when the executive ceases to hold its office, but a customer – a legal person – still requires he/she should act on customer's behalf, or in the event when the employee suspects a customer does not act in its own name, i.e., the funds that are subject to respective service does not belong to a customer, but is owned by any other person, and a customer acts in this case only as intermediary or identity provider)(c) A customer rejects the cooperation in the course of verification, i.e., rejects to submit or complete the data for which he/she was asked by the company Innovation Service Group Ltd. during the initial or continuous verification, or eventually rejects to submit relevant documents when he/she was asked for them(d) A customer who was not a PEP person has become in the course of business relationship duration a PEP that is active beyond the EU or a PEP active within the territory of EU, and in case of such person was identified a risk factor, and the company Innovation Service Group Ltd. is not aware of the origin of customer's financial funds or the statutory body of Innovation Service Group Ltd. has not granted its consent with the continuation of such business relationship, or such a consent has not been granted by a person authorised by the statutory body(e) A person performing the identification or verification has doubts whether the information stated by a customer is true (and such doubts were not refuted by a customer)(f) Risk assessment of a customer became worse and a customer moved to the group of E risk profile, i.e., to the group of customers that are not allowed to enter into a business relationship with the company, i.e., the existing business relationship is terminated(g) Identification of a customer was performed via a distance identification, and the first payment resulting from the business relationship was not successfully made to the account stated on a customer's name – in this event the business relationship is not terminated, however, the customer is not provided with any further services up to the moment when a „face to face“ identification is made(h) during risk assessment it was discovered that sanctions were imposed against customer and there is no permission from FAÚ and statutory authority(2) When any of the stated situations arises, the employee shall report it to an AML officer without delay, and also is obliged to ensure that a customer is not provided with the required service by the company Innovation Service Group Ltd. An AML officer shall ensure the business relationship with a customer will be terminated (de facto and de jure). Furthermore, the employee shall pay increased attention when assessing whether the behaviour of a customer does not show some features of suspicious business, pursuant to Chapter IV.1 hereof. IV. Suspicious BusinessIV.1. List of Suspicious Business Features and Their Assessment§ 76. Suspicious business in general(1) A suspicious business shall be understood as the service provided in circumstances which give rise to a suspicion to perform a legalization of proceeds of crime, or a suspicion that the assets which are subject to certain service are determined for the terrorism financing purposes.(2) A suspicious business may be also understood as the customer's behaviour which is not directly intended to be provided with a service, but is giving rise to a substantiated suspicion that a customer is aimed to act illegally, i.e., within the scope of mentioned unfair activity. A suspicious business or transaction may be also a service which has not been provided by the employee (in circumstances stated in Chapter II.5), or if the case was recognised only as a customer's attempt to establish the business relationship.§ 77. Features and circumstances of a suspicious business(1) Features and circumstances which might indicate the case of a suspicious business:(a) the payment was credited from other account then usually in particular customer's case, or the payments are credited from the account or even various accounts which are not owned by the customer, and there is no apparent connection between the owner of that account and the customer(b) the customer is from the country in which the company usually does not offer its services – for the list of the countries see Annex No. 5(c) the customer is using services (Enters the virtual asset orders, etc.) from more countries(d) the customer uses funds to purchase such type goods, and eventually also such volume of goods which does not correspond to usual behavior of a customer or to its financial means(e) the customer asks for the virtual assets service and makes or requests the payment in cash and vice versa(f) the customer resells goods or services purchased for funds for no apparent economic reason(g) the customer uses funds as a deposit instrument (stores and holds assets there for no apparent reason) and then requests a redemption(h) the customer requests external transfer to an account that does not belong to him / her - belonging to a person with no apparent relationship with the customer(i) the customer's business or place where funds can be used is fictitious or difficult to verify or otherwise non-standard(j) a "sleeping" customer - the customer with whom the business relationship was established does not use the services and the view will change without any justification, or the frequency and volume of the services used will suddenly cease again(k) the purpose for which the customer uses the services is contrary to the declared purpose(l) the volume of services used by the customer does not correspond to the customer's property and economic conditions (and it is contrary to what the company Innovation Service Group Ltd. knows about the customer)(m) the virtual assets service of the company are probably used by a person other than the customer himself(n) the customer makes multiple transfers and the volume of these transfers is just below 1 000 EUR or below15 000 EUR as they consider that they are not subject to monitoring(o) the customer offers the employee money or other remuneration for performing a non-standard service or potentially suspicious transaction or for establishing a business relationship where the employee does not require all the particulars (identification, control, etc.)(p) the customer mentions that the funds which are the subject of the service are of illegal origin or intended to finance terrorism(q) the customer unreasonably assures the employee that the funds which are the subject of the service have been acquired in accordance with the law or that the money is not of illegal origin or that it is not intended to finance terrorism(r) the customer shows an unusual interest in the policies, procedures and measures which the company Innovation Service Group Ltd. follows within the System of Internal Rules and Risk Assessment(s) the customer has extensive knowledge of legalization of proceeds of crime or terrorism financing(t) the customer is unreasonably nervous during the negotiations and gives the impression that he has been instructed by another person(u) the customer is unusually trying to converse with an employee on the topic of money laundering or terrorism financing(v) the customer deliberately seeks to establish a friendly relationship with the employee(w) the person acting on behalf of the customer is accompanied by another person and is monitored(x) the customer uses the services of multiple companies for no apparent reason(y) the customer uses services that are normally provided by banks and is willing to use the services of the company without justification even if it is significantly more expensive for him(z) the customer uses the services of the company without any links to the Czech Republic and without it, i.e., it tries to introduce another country into the transfers in order to make it difficult to trace the financial flows(aa) the customer carries out activities that may help to conceal his identity or to conceal the identity of his beneficial owner(bb) the customer submits an identity document that shows any of the features listed in Chapter II.2 under points Features of an ID Unsuitable for Identification(cc) the customer presents only copies of identity cards or unverified copies of other documents(dd) the customer requests identification on the basis of a document other than that required by the employee(ee) there are reasons to refuse to provide a service or the obligation to terminate a business relationship under Chapter III.4(ff) the customer tries to persuade the employee not to request some data that is necessary for identification or control purposes(gg) the customer asks questions that lead to suspicion that he is trying to avoid identification and control(hh) the customer provides confusing, deceptive or contradictory information(ii) the customer knows little details about the purpose of the business relationship or the origin of the funds(jj) the customer over-explains the origin of the funds or the purpose of the transaction(kk) the customer carries out high-volume transactions using funds obviously used for business purposes, but the customer does not wish to associate them with the business (i.e., to tell the business person which funds belong to and for whom he is acting)(ll) the counterparty of the service is a person whose activity is linked to a country where measures against money laundering or terrorism financing are applied insufficiently or not at all; a list of these countries is given in Annex 5(mm) the employee knows from a reliable source (e.g., television, newspapers, etc.) that the customer or business counterparty is involved in illegal activities or has a criminal history(nn) in the course of one day or in the days immediately following, the customer will carry out noticeably more deals than is usual for his activity(oo) the customer indicates the purpose of the transaction, which is hardly compatible with his activity(pp) the customer is a non-profit or charitable organization and the purpose of the business that he or she communicates is contrary to the activity that he or she states or publicly declares.(2) The present list is only a non-exhaustive. Practical experience can include also other circumstances not stated here, these indicate that the service might be used to legalize the proceeds of crime and financing terrorism, therefore this could the case of a suspicious business.(3) On the other hand, if the business shows any of the stated features, this is not necessarily the case of a suspicious business.§ 78. Assessment of the features and circumstances(1) Assessment of these circumstances shall be performed by the employee, as follows:(a) Individually for each the situation and business relationship,(b) Prior and in the course of business relationship duration, eventually also after its termination(c) Having in view all the other services that are provided to a customer by the company or that are or were subject to negotiations with a customer(d) Considering all the customer-related facts that are known to the company Innovation Service Group Ltd. (e) Having in view the customer's risk rate and risk profile.(2) In the course of assessment are taken into account not only the circumstances, in which the service is performed, but also the information submitted by a customer during the initial or continuous verification (check). An AML officer and the employee may take into consideration also other relevant circumstances and facts that are not stated herein directly.(3) The employee cannot express towards a customer that the employee is performing the assessment whether this is or is not a suspicious business.§ 79. Point of view of Customer’s risk profile(1) When identifying and evaluating a suspicious transaction, the employee also takes into account the customer's risk profile, which has been assigned or updated according to Chapter II.6.(2) For customers with a risk profile of type B, great care must be taken when assessing the potential suspicion of a transaction. Customers with an assigned risk profile of type E will not be provided with services and the business relationship with them will be terminated.(3) Furthermore, it is necessary to impose higher demands on customers with a risk profile of type B to prove the claimed facts with credible documents.§ 80. Business that is always suspicious(1) The always suspicious business is that one which shows at least one of the following features:(a) A customer refuses to undergo the verification or does not support us with sufficient cooperation during the verification and check (typical customer reaction: I am not going to discuss something like this with you… „ or „This is not your business…“ or a customer suddenly stops the dialog).(b) A customer refuses to submit identification data of a person, on behalf of which he/she is acting.(c) A customer of its beneficial owner (in case of a legal person) is a person, towards which the Czech Republic applies the international sanctions in accordance with applicable law on international sanctions application.(d) Subject matter of the business is or should be the goods or services towards which the Czech Republic applies the sanctions in accordance with applicable law on international sanctions application§ 81. Procedure in case of suspicious business(1) In the event when the employee has assessed the customer's behaviour shows the features of suspicious business, the steps shall be as follows:(a) If the initial identification of a customer has not been performed yet, the employee shall follow the steps stated in Chapter III.4(b) If the initial verification (check) of a customer has not been performed yet, the employee shall follow the steps stated in Chapter IV.1(c) If the continuous verification (check) of a customer has not been performed yet, the employee shall follow the steps stated in Chapter III.3(d) follow the procedure shown in Chapter IV.2.(2) In practice, there could occur even the situation when the employee has assessed that this is the case of a suspicious business and the identification or verification of a customer could not be successfully finished or was not performed at all (as the customer e.g., refuses to cooperate). Also, in this case, it is necessary to report a suspicious business following Chapter IV.2 - if there exist at least some information on a customer.§ 82. Access to the information necessary for the assessment(1) The responsible person shall ensure that the employee will have unlimited access to the information on a customer, business relationships, services provided and other related documents and Internet sources, so that such information could be used in the assessment whether this is or is not a suspicious business. The search for information must be automated.IV.2. Suspicious Business Reporting§ 83. Procedure in case of suspicious business reporting(1) If the case has been assessed by the employee as a suspicious business, immediately after the performance the employee contacts an AML officer (see the Annex 2), and(a) Shall report he/she found out a suspicious business,(b) Shall submit all the data and all the printed documents related to a suspicious business (in particular the data and documents obtained during the customer's identification and verification procedure),(c) Shall state the reasons why the business was assessed as suspicious one,(d) Shall inform an AML officer on other facts which the employee considers essential in relation to this business,(e) Next, the employee shall cooperate with an AML officer upon officer's requirements§ 84. Activity of an AML officer(1) An AML officer shall start to be focused immediately on the case when it was reported by the employee, and shall perform all the steps in order to assess the business. In the event when an AML officer has assessed the business as suspicious one, an officer shall decide whether there have arisen the grounds for the postponement of customer's order, in accordance with Chapter IV.3. Next, the suspicious business shall be reported to FAU without undue delay, however, not later than within 5 days from the moment when the suspicious business was found out.§ 85. Notification of a suspicious business(1) A notification on a suspicious business to the FAU may be filed by one of the following ways:(a) On the basis of the information obtained, an AML officer shall draw up a notification on suspicious business. A form titled „OPO“ should be filled in for these purposes, i.e., to announce a suspicious business, the form is stated in the Annex 4 hereto. To notify this kind of business also other form may be used, but all the required legal particulars shall be included (for more information see the Annex 4). This document should include the copies of all the documents there are available in relation to the suspicious business. Such well documented business is to be announced by an AML officer in writing, using a registered letter with a form and shall be sent to the address: Finanční analytický úřad, Poštovní přihrádka 675, Jindřišská 14, 111 21 Praha 1.(b) The notification on a suspicious business may be submitted also orally, which shall be recorded in the protocol in the place determined after previous agreement speaking to a phone number operator: +420 257 044 501.(2) An AML officer shall complete the notification (if available):(a) Further information found out about a customer,(b) Information whether a customer was in the past provided also with other services and the details should be added,(c) Visual, audio or audio-visual record of a customer, if any of these exists.(3) If any such document exists, an AML officer shall keep a receipt on filed notification on a suspicious business (advice of delivery of a registered letter, etc.).§ 86. Evidence of filed notifications(1) In addition, the AML officer keeps a record of all reports of suspicious transactions submitted for Innovation Service Group Ltd. filed, it is necessary to respect the obligation of confidentiality according to Chapter V.2. This documentation also includes copies of all reports of suspicious transactions submitted.§ 87. Obligation to provide the AML officer with co- operation(1) In the event when an AML officer requires so, all the employees are obliged to provide him/her with a cooperation in the course of fulfilment of the obligations resulting from the present document, as well as from the law. The employees and an AML officer shall act in the matter of filed notification on a suspicious business without unreasonable delays.IV.3. Postponement of the Customer’s Order Fulfilment§ 88. Decision making on postponed of the customer’s order fulfilment(1) AML officer shall, without delay, when he/she receives a notification on a suspicious business from the employee, and when he makes its own decision whether this is the case of suspicious business or not, decide, whether the customer's order should be postponed or not, i.e., regarding that customer who has been stated in respective notification. In particular, this shall be understood as a blocking of Virtual asset order performance.(2) AML officer is obliged to make a decision on the postponement of the customer's virtual asset order if, due to its immediate performance could result in a frustration or significant complications in the field of securing of the proceeds of crime or funds designated for the terrorism financing.(3) An AML officer shall decide whether the customer's order shall be fulfilled in such a case when both the following conditions are met:(a) There is no threat that the immediate fulfilment of the customer's order could result in a frustration or significant complication in the field of securing of the proceeds of crime or funds designated for the terrorism financing(b) An AML officer is not aware of the fact that such a postponement could result in a frustration or otherwise jeopardise the investigation of suspicious business.§ 89. Procedure in case of order fulfilment postponement(1) Next, an AML officer shall instruct all the employees, who are authorised to receive and perform the customers' orders, not to fulfil any other orders of that customer. All the employees are obliged to adhere to such an instruction. If the performance of the order is provided by an automatic data-processing system, then it is necessary to implement changes into the system which ensures the customer's order will be postponed.(2) Furthermore, an AML office shall keep with care:(a) the information on postponed fulfilment of customer's order(b) precise information on the date and time, when the FAU has received the notification on a suspicious business, in accordance with Chapter IV.2.(3) If the funds, to which is the postponed customer's order related, is being kept by the company Innovation Service Group Ltd., then an AML officer shall ensure such funds against any possible transactions.§ 90. Postponement period of customer’s order fulfilment(1) A fulfilment of the order shall be postponed for the period of 24 hours, since the moment when the FAU (the Financial Analytical Office) has received the notification on a suspicious business.(2) The FAU may then adopt a decision to extend this period even by up the next three working days. The FAU shall inform the company Innovation Service Group Ltd. on such extended period in its notice, which may be performed orally, by phone, via a fax message or electronically. Once the notice is received, an AML officer shall inform the FAU by return, that the company Innovation Service Group Ltd. will extend the period for which is the customer's order postponed, and confirms the time when such a notice was received. The period of three working days starts to be counted from the moment, when the extended period was noticed by the FAU.(3) If the FAU notifies the company Innovation Service Group Ltd., within the period, for which the customer's order is postponed, on the fact that the FAU has filed a notification to the competent law enforcement authority, then Innovation Service Group Ltd. may fulfil the customer's order at the earliest after three working days from the date on which the criminal complaint was lodged, unless up to the end of this period the competent law enforcement authority adopts decision on the withdrawal or confiscation of the subject matter of that suspicious business.§ 91. Customer’s order fulfilment(1) If the company Innovation Service Group Ltd. has not received from the FAU, within the period for which is the customer's order postponed, any notice that the FAU has filed a notification to the competent law enforcement authority, then the company shall fulfil the customer's order. The same procedure is applied by the company Innovation Service Group Ltd. in the event, when a criminal complaint was lodged and no decision was made up to the end of the period extended by three working days, i.e., in case of the withdrawal or confiscation of the subject matter of that suspicious business.(2) In this case, an AML officer shall promptly ensure that the customer's order will be fulfilled.§ 92. Confidentiality obligation(1) All the employees (including an AML officer) are obliged, in the event when the customer's order fulfilment was postponed, follow the confidentiality obligation, i.e., under no circumstances a customer cannot be informed, nor any other unauthorised person, on the fact, the notification on a suspicious business was filed, nor on any detailed information, even not after the moment, when the FAU adopts decision not to lodge a criminal complaint.(2) For more information on the confidentiality obligation see Chapter V.2. V. Other obligationsV.1. Information Obligation§ 93. Procedure for providing the FAU with information(1) The company Innovation Service Group Ltd. communicate, at the FAU's request, information on the services or trade relations for which the FAU is investigating within a specified period. The responsible person shall ensure the submission of documents on these transactions or give them access to authorized employees of the FAU.(2) In case of personal contact, the authorized employees of the FAU shall produce a service card issued pursuant to the Act on Implementation of International Sanctions. The model of this card is a part of Decree No. 53/2017 Coll. FAU employees are not obliged to give their name.(3) If requested by the AML officer or responsible person, each employee is obliged to provide assistance to him in the performance of this duty.V.2. Confidentiality Obligation§ 94. Confidentiality Obligation(1) The employees, a person responsible, and an AML officer are obliged to follow the confidentiality obligation on the facts related to:(a) Notifications and investigation of a suspicious business(b) acts performed by the FAU(c) Performance of information obligation (see Chapter V.1).(2) Next, everybody how becomes aware of these facts is obliged to keep them confidential.(3) If these persons were transferred to another job position, by the fact when their employment relationship was terminated or due to other contractual relationship with Innovation Service Group Ltd. , nor by the fact that the company Innovation Service Group Ltd. ceases to provide its services, the confidentiality obligation shall not be extinguished§ 95. Exceptions form confidentiality obligation and related procedure(1) The AML Act allows exemptions from confidentiality obligation in such cases that are stated in Section 39 of the AML Act. Thus, in the event, when any person requires to be provided with the information which is subject to the confidentiality obligation, shall notify a person responsible that shall review whether the Section 39 of the AML Act might by applied, i.e., the exemption from the confidentiality obligation towards a specific person. After the investigation findings a person responsible shall make a decision, whether and within which scope the information can be submitted. In the event when the information is requested by the FAU, the procedure of Chapter V.1 shall be applied.V.3. Obligation to Train Employees§ 96. Training obligation(1) The responsible person is obliged to ensure all the employees undergo the training, i.e., the employees that may, during the performance of their working tasks, encounter a suspicious business, including a person responsible and an AML officer. The training shall include the rules and procedures stated herein, risk assessment, the AML Act, eventually the other legal regulations. The employees must be trained in such a way to be able to perform their work without mistakes and apply all the provisions stated herein, i.e., the provisions which are related to such employees. A person responsible shall amend and update the content of training.§ 97. Training frequency(1) The training must be performed at least once within the period of 12 months. There is also necessary to train all the not yet trained employees before they enter respective work positions (i.e., new or transferred employees).§ 98. Training report(1) The responsible person keeps and archives, in accordance with Chapter V.5 the attendance list and training content list. For these purposes may be used a sample of employees training report which forms a part of the Annex No. 3.V.4. Obligation to Draw Up the Assessment Report§ 99. Assessment report(1) The responsible person shall prepare a report evaluating the activity of Innovation Service Group Ltd. at least once every 12 consecutive calendar months. in the area of preventing money laundering and terrorism financing. The evaluation report shall be drawn up not later than the end of the fourth calendar month following the end of the evaluation period.(2) This report contains the following:(a) assessing whether the procedures and measures it applies to prevent money laundering and terrorism financing are sufficiently effective; and(b) an assessment of whether weaknesses were identified in the system of internal policies, procedures and control measures during the reporting period and what risks might arise therefrom; and(c) statistics on suspicious transactions notifications for the past period, broken down by branches or activities regulated by AML by law; this information will be provided by the AML officer, who keeps a record of the suspicious transactions reported and beyond(d) if shortcomings in the prevention of money laundering and terrorism financing are identified, the evaluation report shall include a proposal to remedy them.(3) All the conclusions and assessment views shall be properly justified; a simple statement is not sufficient.(4) If the assessment report is drawn up by other person than the AML officer, then the report must include also the view of the AML officer regarding the completeness and correctness of the data included in this report.(5) The assessment report shall be discussed by the company statutory body within the period of 4 months after the last day of the assessed period. Company statutory body shall state its review to the report which reflects the shortcomings and proposals stated in the report.(6) Evaluation of the assessment report performed by the above-named persons must be traceable, i.e., it shall be always obvious, who and when performed the assessment and upon which grounds. This information forms a part of the assessment report.(7) The assessment report shall not be sent anywhere, it shall be archived for the period of 5 years.V.5. Information and Documents Keeping and Archiving§ 100. Way of data recording(1) All the data and documents related to the business relationship shall be archived. In particular, this is the case of filled in forms, original documents or copies of documents submitted by a customer, and other company internal records. All the data and documents related to a specific service shall be archived analogically.(2) A part of these documents may be also in a digital form. Any other way of data and documents archiving may be decided by a person responsible.§ 101. Making copies(1) The employee shall, pursuant to the AML Act, be authorised to make and keep the copies or identity cards or other documents records, upon which the identification is performed.(2) In the event when from a copy made and archive is apparent the data which shall be otherwise obligatory recorded applying the way described herein, then it is not necessary to enter the data into the form. It is sufficient when the data is clear from the copy which was made.§ 102. Way of data and documents keeping(1) From each recorded information and archived documents shall be apparent:(a) To which business relationship they are linked(b) The employee who entered the data, amended the data or verified the data, and archived the documents(c) The date on which was the data entered, amended or verified or when the documents were archived.(2) Next, an AML office shall ensure safe archiving of the copies of filed notifications on a suspicious business, a document on their lodging, eventually an advice on their delivery.§ 103. Digital data(1) If the data or documents are recorded in a digital form, then the back-up shall be performed by a person responsible or by a person authorised to do so.(2) Archiving some documents in a digital form is not allowed, which results from the provisions of the AML Act that prescribes some documents to be archived only as the original documents or certified copy – this is, in particular, the case of the powers of attorney and identification documents.§ 104. Period for which the information and documents shall be archived(1) Pursuant to the AML Act the company Innovation Service Group Ltd. is obliged to archive the data and documents for the following period:(a) All the information and documents related to the business relationships and services defined herein shall be archived for the period of 10 years. This period starts to be counted by the first day of a calendar year which follows the year in which specific relationship was terminated.(b) The employee training report (see Chapter V.3) shall be archived at least for the period of 5 years after the date when the training was performed.(c) The assessment report (see Chapter V.4) shall be archived for the period of 5 years as a minimum.V.6. Requirement for Traceability§ 105. Traceability(1) The term of traceability stated herein shall be understood as the state when it is possible, in case of certain procedure, determine retrospectively, why a specific action was performed (what was the reason), in what circumstances, what precede that action, and eventually what followed that action, what exactly was done, and who and when performed the steps.(2) What shall be also traceable retrospectively:(a) All the approval and decision-making procedures (incl. the evaluation procedure of customer's risk profile), in accordance with the present document, and also(b) All the control and verification activities, in accordance with the present document, including related responsibilities, and also(c) All the background documents and evaluation of the assessment report, and also(d) All the findings which resulted from the verification of a customer, pursuant to Chapter II.4, and within the reviewing procedure of the businesses, and eventually a correspondence related to specific business, customer or business relationship, and also(e) All the assessment procedures of possibly suspicious business, which resulted in the fact that none suspicious business was notified.(3) Due to this reason is necessary that all the records (digital or documentary), which are made in accordance with the present document and archived, contain at least the following information (if this kind of information is not apparent or cannot be deduced from other documents):(a) To which business relationship, customer or case these are related(b) The employee who entered the data, amended the data or completed the data, etc.(c) Date and eventually time when it was performed(d) All the other relevant information (reason, background documents supporting the decision, references to external data, etc.).V.7. Automated Performance of Rules, Procedures and Measures§ 106. Activities performed in an automated way(1) If any of the procedures stated herein or procedures related to the establishment and administration of business relationships are performed in an automated way, especially using the computers, then it is necessary to ensure that all the obligations, procedures and measures resulting from the present document and other legal regulations are being adhered to within their full scope. This is the responsibility of a person responsible, and also an AML office, and also the employee who controls, checks, sets and tests the automated system.(2) Information or other systems that perform the automatic data-processing, shall be developed, calibrated and shall have sufficient capacity to be able to react correctly in each situation which may be assumed, however, only with a low probability. This includes, in particular, immediate alerts and reporting, correct hardware setting, regular back-ups, testing and system maintenance.V.8. Obligation to Assess Regulations and Update Them§ 107. Frequency of assessment of AML rules and updates(1) The responsible person shall assess, at least every 12 calendar months, whether the provisions set out in this document and in the Risk Assessment document are current, proportionate to the nature, scale and complexity of currency exchange services and related activities. If necessary, it performs or arranges for updates to keep the regulations current and in line with the actual situation.(2) In addition to this regular 12-month interval, the responsible person shall, without undue delay (ideally in advance), review and update this document and the Risk Assessment if any such need arises:(a) the conclusion made in the Risk Assessment; or(b) information provided by Innovation Service Group Ltd. obtains and leads to the conclusion that the Risk Assessment or the supporting documents used for it are no longer up - to - date, or(c) a change in the business or strategy of Innovation Service Group Ltd., or(d) amendments to legal regulations published especially on the website of the Financial Analytical Office http://www.financnianalytickyurad.cz/, on http://www.amlsystems.cz/AML-documents and on the website of the Czech National Bank https://www.cnb.cz/cs/dohled-financni-trh/legislativni-zakladna/legalizace-vynosu-z-trestne-cinnosti/; these pages are informative only and the responsible person is supposed to be active(3) The responsible person will always create a written record of the assessment result and any further steps (whether the update and other details have been made).(4) If there is a change in the Risk Assessment, the responsible person shall record the procedures used to draw up or update the Risk Assessment and shall also record the reasons on which it has drawn the conclusions contained therein.(5) Furthermore, if the procedures set out in this document or in the Risk Assessment are substantially changed, the responsible person will organize training for the staff affected. It will record the content and attendance of the training according to the Chapter V.4.(6) Changes in this document and in the Risk Assessment are approved by the Company's statutory body.§ 108. Customer´s data updates(1) If the procedures set out in this document or in the Risk Assessment are changed, the responsible person shall verify that the information provided by Innovation Service Group Ltd. about customers (information obtained during the identification and control of the customer and any other information used to prevent ML-FT), its content and scope correspond to new obligations. If not, the responsible person will oblige the employees to supplement or update this information. The employee shall always do so at the latest before making another trade with the customer. VI. Internal verificationVI.1. Monitoring and Sanctions§ 109. Monitoring performance(1) Monitoring of the compliance with rules and procedures stated herein shall be performed by a person responsible. A person responsible may forward a partial monitoring towards an AML officer or other person. All the employees and an AML officer are obliged to undergo such a monitoring. The monitoring is to be performed in place, analysing the data and documents, or applying other ways of monitoring.(2) The monitoring shall be performed regularly, ideally once a month. A person performing the monitoring selects a control sample, on which he/she checks whether the procedures stated herein and prescribed by legal regulations were adhered to. The ideal situation is when a control sample is in compliance with all the business relationships or services provided within the monitored period, however, this is not possible due to capacity reasons, thus a random selection is sufficient.§ 110. Report on internal monitoring performance(1) A person that performs the internal monitoring shall, when the monitoring is finished, draw up a report. This report sample is shown in the Annex No. 1.§ 111. Infringement’s detection(1) Each person that has found out any infringement shall report this state immediately to a person responsible, also in the case when the infringement was caused by this person.§ 112. Evaluation of infringements and further procedure(1) In the event when a breach of rules and procedures prescribed herein are found out from the monitoring or notification, such a breach shall be assessed individually, in particular upon the level of seriousness and the extent, up to which these could jeopardize the effectiveness of measures applied against the legalization of the proceeds of crime and terrorism financing. A personal responsibility shall be then inferred on employees within the scope of applicable labour legal regulations. A person responsible shall, within the scope of his/her possibilities, simultaneously adopt the measures to prevent a repeated breach (repeated training of the employees, approval of additional measures, etc.).§ 113. Advice of consequences of rules infringement(1) All the persons to which is the present document shall be aware of the fact that any breach (infringement) of the rules and procedures stated herein would most probably result also in a breach of the provisions stated within the AML Act, and therefore the company Innovation Service Group Ltd. may be subject to a sanction or even the withdrawal of business license may be applied.VI.2. Amendments to Regulations§ 114. Monitoring of Amendments to Regulations(1) Persons responsible, i.e., an AML officers, are obliged to perform permanent monitoring of the development in the field of measures against legalization of proceeds of crime and financing of terrorism (i.e., the Acts, Decrees, Notices, etc.). Relevant regulations are published by the FAU (Financial Analytical Office) on its websites www.financnianalytickyurad.cz, and also on the websites of the Czech National Bank at: https://www.cnb.cz/cs/dohled-financni-trh/legislativni- zakladna/legalizace-vynosu-z-trestne-cinnosti/. The websites shall be understood as information source only, and a person responsible shall be actively involved in this kind of activity.§ 115. Implementation of the Present Document Amendments(1) In the event when the mentioned regulations are amended, or the new regulations come into force, the person responsible, i.e., an AML officer, shall implement such amendments to the present document to ensure the compliance of the present document with these regulations, a AML officer is also obliged to ensure the training of all the persons who shall be familiarized with such amendments.

RULES FOR SALE OF VIRTUAL ASSETS

Conditions for submitting applications:
An application for the sale/purchase of virtual assets can only be submitted by a registered user of service. To perform some operations, the http://innovationgroup.online service may require you to undergo a verification procedure. To undergo verification, the client must provide documents confirming his identity and indicate correct data in his personal account. It is prohibited to create requests for payment of funds using the details of third parties. The work schedule can be found in the “Contacts” section.
Terms of payment for the application by the client:The website has an automatic application form for the sale/purchase of virtual assets. To receive the service, it is important to undergo verification.
Terms of payment:The payment term depends on the provider, as well as on the bank chosen by the clients. Our service does not have the ability to influence the duration of payments or speed up payments. Now it takes from 5 minutes to 3-5 banking days.
If payment is not received within the specified time frame, our manager will request all the necessary information from the provider.
The sale of virtual assets is carried out within 30 minutes after the client deposits funds. After creating an application, you need to contact the manager and receive confirmation with bank details.Unpaid applications are closed automatically by the system after 48 hours.
Virtual asset operator sends virtual assets after receiving full payment by the Client. In case of payment not in full, the service reserves the right to recalculate the request and fulfill it in the amount received by the service from the client.
Format for receiving consultations:The client can receive advice on the created application during business hours through the contact information specified in the “Contacts” section, unless it has been previously agreed that the application will be processed on weekends or non-working hours.

CUSTOMER COMPLAINT POLICY

Conditions for submitting applications:
An application for the sale/purchase of virtual assets can only be submitted by a registered user of service. To perform some operations, the http://innovationgroup.online service may require you to undergo a verification procedure. To undergo verification, the client must provide documents confirming his identity and indicate correct data in his personal account. It is prohibited to create requests for payment of funds using the details of third parties. The work schedule can be found in the “Contacts” section.
Policy or Procedure regarding complaint management Innovation Service Group Ltd. 1. Submitting claims (complaints)1.1. The client can submit a claim (complaint) in the following ways:1.2. By sending an email. letter to the address: moc.liamg%402202ecivresnoitavonni;1.3. When submitting a claim (complaint), the Client must indicate:1.4. first name, last name or company name;1.5. Client's address;1.6. date of presentation of the claim (complaint);1.7. the essence of the claim (complaint), i.e. indicate what rights or legitimate interests of the person were violated;1.9. your requirements for Innovation Service Group Ltd.;1.10. other available documents related to the claim (complaint), if necessary;1.11. applicant's contact details: telephone number or email address. mail;2. If at least one of the required items is missing, Innovation Service Group Ltd. has the right to ask the Client to supplement the claim (complaint).3. Consideration of claims (complaints)3.1. Claims (complaints) of Clients are considered in accordance with the legislation of the Czech Republic, and according to EU legislation, as well as the principles of honesty, fairness and respect for the individual.3.2. Claims (complaints) of Clients are considered and responses to them are provided in the following order:3.3. If the client is a regular Client, Innovation Service Group Ltd. will consider the claim no later than within 2 (two) business days from the date of its receipt by e-mail, except in cases where the Company cannot provide a response within this time for reasons beyond its control. In this case, the Company provides the user with an incomplete response and indicates the reason for the delay and the deadline by which the final response will be provided. In any case, the period for providing a final response should not exceed 5 (five) working days;3.4. If the user is not a Client, Innovation Service Group Ltd. will consider the claim no later than within 5 (five working days) from the date of its receipt by email. Company mail, except in cases where additional documents, information or other mandatory receipts related to the provision of services required for consideration of a claim (complaint) provide for other deadlines.3.5. If a claim (complaint) cannot be considered within the time limits specified in paragraph 10 of these Rules, the Company notifies the Client of the reasons and, if necessary, asks to provide additional information. The client is also notified of the date of provision of the response to his claim (complaint).3.6. After consideration of the claim (complaint), a decision regarding its validity is made in writing, i.e. The client is provided with a written response to the email. mail.3.7. In the event that the Client’s claim (complaint) is partially satisfied or not satisfied, the response to the Client sets out the reasons for such a decision.3.8. The response to the Client is provided through the same channel through which the claim (complaint) was received, unless the Client indicates otherwise.3.9. Clients' claims (complaints), documents, material related to the consideration of the claim (complaint), and the response provided to the Client are stored for at least 3 years from the date the final response is provided to the Client.Important note: Innovation Service Group Ltd. sells virtual assets on proven p2p platforms: BINANCE, OKX, BYBIT etc., which provide all the necessary tools for safe and reliable trading. Features such as user ratings, feedback system and security mechanisms are included to protect users from fraud and dishonesty. The security of P2P platforms ensures verification of merchant accounts, the ability to file an appeal and moderation of free support. Technical support specialists promptly respond to user complaints and questions.
The company ensures the process of investigating the circumstances of persons suspected of fraud, and if such facts are identified, it transfers all data for further investigation to the regulator in the Czech Republic, the FAU - the Financial Analytical Bureau (Finanční Analytický Úřad).
In case something did not go according to plan during the transaction, you can use the Appeal.
Rules for considering appeals on the P2P platform4. Buyer appeal4.1. Order cancelled:If the order expired and was automatically canceled by the system, but the buyer still made the payment, or if the order was canceled by mistake after the buyer made the payment, P2P platform support representatives will contact the seller for a refund on optimal terms. If the seller refuses to return the money, then the P2P platform is not responsible for any losses arising from the transaction. P2P platforms reserve the right to block users who refuse to cooperate in the settlement process.4.2. The payment amount and the order amount do not match:If the actual amount paid by the buyer exceeds the order amount, and the buyer clicked the Mark as Paid or Transferred button, then the P2P platform support specialists will contact the seller for a refund. If the seller refuses to provide a refund, the buyer is responsible for the loss of his own funds. P2P platforms reserve the right to block users who refuse to cooperate in the settlement process.4.3. The seller did not transfer the cryptocurrency on time:If the seller does not transfer the cryptocurrency within 15 minutes after the buyer successfully makes a payment using the instant payment method, P2P platform support representatives will contact the seller to resolve the issue of transferring the cryptocurrency. If the seller does not respond within a certain period of time, the P2P platform's support representatives will transfer the cryptocurrency manually.If the buyer used a deferred payment method to pay, which prevents the seller from receiving funds on time, customer service representatives will contact the seller and ask for a cryptocurrency transfer within two business days. If payment is not received within the due date, the seller must contact the P2P platform support service and report this. If the seller does not contact customer service, it is assumed that payment has been received. P2P platform customer support specialists will transfer the cryptocurrency manually.4.4. The seller does not want to transfer cryptocurrency:The buyer has paid the correct amount from their payment account (the holder's name matches the KYC-verified name), but the seller is unwilling to transfer the cryptocurrency and is trying to negotiate a higher price.Unless the price is extremely low (-10% of the market price), a P2P platform support specialist will manually transfer the assets specified in the order.Note. For orders above 1,000 USD there is a 5% range. If the difference is greater than this value, the order is canceled.4.5. When transferring money, the buyer left a note, but the seller did not transfer the cryptocurrency:If the buyer, when transferring funds, mentioned in the payment notes such words as “Digital currency, P2P, name of P2P platform, BTC, etc.” or other similar confidential information (although the seller has specified in the terms and conditions that such words should not be mentioned), a P2P platform support agent will contact the seller to transfer the cryptocurrency or return the money. Any fees charged during a refund are the responsibility of the buyer.4.6. Use of offensive language:Both sides used offensive language on the P2P platform. This includes, but is not limited to, chatting with users and online chat support, as well as order comments. If a user has been reported at least twice, some functions in his account will be disabled.
5. Seller's appeal5.1. The buyer did not make a payment, but clicked “Mark as paid” or “Transferred, next”:If the buyer has not made payment, has not provided proof of payment, or cannot be contacted within the specified time period, the P2P platform support specialist will cancel the order. If orders are canceled for the same reason at least three times, some features of the user's account will be temporarily disabled.If the buyer completes the payment but the seller has not received the funds, customer service representatives will contact the seller and the cryptocurrency will be transferred within two business days. If the cryptocurrency has not been transferred within the required time frame, support specialists will ensure that the cryptocurrency is transferred manually. If the cryptocurrency cannot be transferred normally, the seller must contact support and report the problem. If the seller does not contact customer service, it is assumed that payment has been received.5.2. The information specified during verification or the payment amount does not match:If the buyer transferred money to other payment accounts of the seller or to the payment account of another person instead of the one specified in the payment information, the P2P platform is not responsible for losses resulting from such a transaction, and a refund is not guaranteed. If the buyer repeatedly makes payments to accounts other than those specified by the seller, the support team has the right to suspend the buyer's account.If the name in the buyer's payment account does not match the name verified during KYC on the P2P platform, the buyer's P2P function will be suspended due to a violation of P2P rules. In this case, the cryptocurrency will not be transferred, and the seller will be asked to return the entire amount to the buyer. The order will be canceled after the seller provides proof of the refund and the buyer confirms receipt of the refund. In this case, all commissions must be paid by the buyer.If the buyer has paid the order, but the payment amount is less than the order amount, the buyer must pay the remaining amount within a certain period of time. In this case, all commissions must be paid by the buyer. If the buyer does not respond on time or refuses to pay the remaining amount, the seller will be asked to return the money received. P2P platforms reserve the right to block users who refuse to cooperate in the settlement process. If the actual amount paid by the buyer is less than the order amount, but the seller has transferred the cryptocurrency before receiving the full payment amount, the P2P platform's support agents will contact the buyer and ask him to pay the remaining amount. If the buyer refuses to pay, the seller is responsible for the loss of funds. P2P platforms are not responsible for any losses resulting from a transaction and reserve the right to suspend users who refuse to cooperate during the resolution process.5.3. The seller did not confirm the payment on his account and transferred the cryptocurrency:The seller must contact customer service and report the problem. In cases where the buyer does not respond or refuses to cooperate, the seller may report the incident to law enforcement agencies.The seller is fully responsible for the transfer of cryptocurrency without confirmation of receipt of payment to the account. The P2P platform is not responsible for any losses resulting from the transaction and cannot guarantee that funds will be returned.
6. Use of offensive language:Both sides used offensive language on the P2P platform. This includes, but is not limited to, chatting with users and online chat support, as well as order comments. If a user has been reported at least twice, some functions in his account will be disabled.
7. Account blocking on P2PP2P platforms may block your P2P account for violating trading rules when placing or executing an ad. Therefore, if an appeal has been filed against you, it is better to resolve the conflict yourself.Blocking can be:• until the cause of the blocking is eliminated;• for a certain period;• lifelongAny transaction with signs of fraud may be suspended for verification and may give rise to legal prosecution, which will be carried out in accordance with the current legislation of the country where the Company is registered, the court city in Prague.
8. Final provisions8.1. These Rules are publicly available on Company web page. Client dissatisfied with the received Innovation Service Group Ltd. decision, has the right to use other legal means to protect their interests in accordance with the current legislation of the country at the place of registration of the Company.

Information from the public section of the Trade Licensing Register

Trading company Innovation Service Group Ltd. Registered office st. Chudenicka 1059/30, Hostivar, 102 00 Prague 10, Czech RepublicRegistered number 17743281 Statutory body or its members:Name and surname Rafael NersesianInception of appointed 16.11.2022Trade authorization no.1Object of business Manufacture, trade and services not specified in Annexes 1 to 3 to the Trade Licensing ActType of tradeUnqualified notifiableOrigin of authorization 16.11.2022Licence valid for unlimited periodAuthority competent according to §71 paragraph 2 of the Trade Act:Office of the Municipal District of Prague 1The Ministry of Industry and Trade certifies that the information given in this extract is entered in the trade register as of the dateof validity of the extract.