Anti-Money Laundering Policy

1. Purpose

This policy outlines the Group’s commitment to preventing and responding to money laundering. It provides a clear structure for identifying, reporting, and managing such risks.

2. Applicability

This policy applies to all directors, senior management, staff, and relevant third parties acting on behalf of the Group.

3. Roles and Responsibilities

Board of Directors

▪ Review and approve the AML policy at least once every three years or as needed.

▪ Ensure AML controls are embedded within business processes.

▪ Provide oversight on compliance and risk mitigation.

Management

▪ Design and implement internal AML procedures.

▪ Assign a Designated Person.

▪ Conduct periodic AML risk assessments across all business units.

▪ Ensure staff are trained, screened, and aware of their AML duties.

Employees

▪ Understand and follow the AML procedures.

▪ Attend all required AML training sessions.

▪ Immediately report any suspicious activity to the Designated Person.

▪ Keep all AML-related information confidential.

4. Detailed Steps to Handle Suspected Money Laundering

Step 1: Recognise Red Flags

Employees must be alert to potential indicators of money laundering, including but not limited to:

▪ Large cash transactions inconsistent with the customer’s profile

▪ Reluctance to provide identification or verification documents

▪ Use of complex or opaque business structures

▪ Transactions involving high-risk countries or known shell companies

▪ Rapid movement of funds with no clear business purpose

Step 2: Collect and Document Information

Before reporting:

▪ Gather all relevant documents (e.g., invoices, identification copies, transaction records)

▪ Record:

a. Name of the client(s) involved

b. Nature and date of the transaction

c. Any unusual observations

d. Why the transaction appears suspicious

Step 3: Report Internally

▪ Use the Suspicious Transaction Reporting (STR) form provided by the Group.

▪ Submit it immediately to the Designated Person.

▪ Do not delay the report – even if some information is pending.

Step 4: Maintain Confidentiality

▪ Do not disclose to the client or any other party that a report has been made.

▪ “Tipping off” is a criminal offense under AMLA.

Step 5: Designated Person’s Action

▪ Review the STR and supporting documents.

▪ Conduct further inquiry if needed (without alerting the client).

▪ Decide whether to escalate the case to Bank Negara Malaysia (FIED).

▪ Maintain a secure and confidential log of all STRs, whether reported to BNM or not.

5. Risk-Based Approach (RBA) – Detailed Application

Step 1: Conduct AML Risk Assessment

▪ Identify business areas, products, services, and clients that pose higher risks.

▪ Evaluate customer risks, geographic risks, and delivery channel risks.

Step 2: Risk Categorisation

▪ Categorise clients into low, medium, or high-risk groups.

▪ For high-risk clients, apply enhanced due diligence (EDD).

Step 3: Risk Mitigation

▪ Apply stricter verification procedures.

▪ Monitor high-risk accounts more frequently.

▪ Review client risk profiles annually or when there are significant changes.

6. Customer Due Diligence (CDD)

When to Perform CDD using Customer Due Diligence (CDD) Checklist

▪ Before establishing a business relationship.

▪ When there are doubts about the client’s identity or information.

▪ When there is a suspicion of money laundering or terrorism financing.

Steps for CDD

a.Verify Identity – Use government-issued documents (NRIC, passport, business registration).

b. Verify Beneficial Owner – Identify individuals who ultimately own or control the client.

c. Understand the Nature of the Business – Gather details on the purpose of the transaction or business relationship.

d. Ongoing Monitoring – Regularly review transactions to ensure they match the client’s profile.

e. Apply Enhanced Due Diligence for:

i. Politically exposed persons (PEPs)

ii. High-risk jurisdictions

iii. Large, complex, or unusual transactions

7. Employee Screening

1. Before Hiring:

▪ Conduct background checks (criminal records, financial history, prior misconduct).

▪ Validate qualifications and employment history.

2. Post-Hiring:

▪ Re-screen periodically, especially for roles with access to sensitive financial systems or clientfunds.

▪ Assess performance and integrity as part of appraisals.

3. Record-Keeping:

▪ Maintain all screening records securely.

8. Training and Awareness

1. New Employee Training:

▪ Must be completed within the first month of employment.

▪ Covers AML laws, red flags, reporting procedures, and internal policies.

2. Ongoing Training:

▪ Conduct annually or upon major regulatory changes.

▪ Include real-life case studies, refresher modules, and compliance updates.

3. Assessment and Records:

▪ Test employee understanding where appropriate.

▪ Keep attendance and completion records for audits.

9. Policy Review and Updates

▪ The AML Policy must be reviewed:

a. At least once every three years

b. Immediately if laws or BNM Guidelines are updated

c. When significant changes occur in the business or risk landscap

You may report any suspicious activities by email to: report@leapco.com.my