Purpose, Scope and Regulatory Basis

This Anti-Money Laundering (AML) Policy establishes the controls Qqrp applies to prevent, detect and report money laundering and terrorist financing in connection with all gambling services operated by Qqrp. It applies to all employees, contractors, agents, and business relationships, and to all customer transactions conducted through the Qqrp platform. Qqrp will comply with applicable AML/CFT laws and regulations in all jurisdictions in which it operates, and with the standards set by the relevant licensing authorities.

Governance and Responsibility

Senior management holds ultimate accountability for the effectiveness of AML controls. A designated Money Laundering Reporting Officer (MLRO) has independent authority to act, sufficient resources to discharge duties, and responsibility for receiving disclosures of suspicious activity from staff, maintaining an auditable trail, and reporting to competent authorities where required by law.

Risk-Based Approach

Qqrp conducts an annual enterprise-wide risk assessment and applies a risk-based approach to the design and operation of its AML controls. Risk profiles guide customer due diligence (CDD), ongoing monitoring, and escalation procedures. Records of risk assessments, control design, and actions taken are retained for regulatory review.

Customer Due Diligence (CDD) and Onboarding

On onboarding and for ongoing relationships, we perform CDD commensurate with the assessed risk. Required verifications include:

  • Verified government-issued photographic identification (e.g., passport, national ID);
  • Proof of current residential address (e.g., utility bill, bank statement) not older than three (3) months;
  • Verification of source of funds and, where applicable, source of wealth;
  • Identification of beneficial owners for legal entities, with verification of individuals who ultimately own or control more than twenty-five percent (25%) of the entity.
  • PEP screening for all customers; enhanced due diligence (EDD) applies where a PEP or related politically exposed individual is involved.

Thresholds and triggers: transactions or activity exceeding EUR 10,000 (or equivalent) within a rolling 30-day window require enhanced verification and a documented risk assessment prior to approval.

Ongoing Monitoring and Risk-Based Transaction Review

We continuously monitor customer activity and validate consistency with the customer’s risk profile and declared purpose of the relationship. Indicators of concern include unusual or rapid changes in transaction patterns, deposits or withdrawals incongruent with the customer’s profile, or layering of funds. All such indicators shall be reviewed by the MLRO and escalated as appropriate.

Source of Funds and Source of Wealth

For higher-risk transactions or customers, Qqrp requires reasonably verifiable evidence of the source of funds and, where warranted, source of wealth. Acceptable documentation includes bank statements, salary/pay summaries, or confirmation from a licensed financial institution. When funds are determined to lack legitimate origin, funds shall be flagged, suspended, and returned to the depositor’s original method where feasible, pending further investigation or regulatory instruction.

Enhanced Due D diligence (EDD) and High-Risk Customers

High-risk customers—including those with complex ownership structures, unusual transaction patterns, or residency in high-risk jurisdictions—are subject to enhanced due diligence. Measures may include:

  • Rigorous identity verification and ongoing verification of beneficial ownership;
  • Additional verification of source of funds/wealth;
  • Increased frequency of account reviews and transaction monitoring;
  • Periodic review of business relationships and confirmation of ongoing legitimate activity.

Sanctions, High-Risk Jurisdictions and Prohibited Activities

Qqrp screens customers and counterparties against sanctions lists and high-risk jurisdictions. We decline to establish or maintain business relationships with customers located in jurisdictions subject to comprehensive AML/CFT restrictions or identified as high risk by applicable authorities. Where a customer’s location or beneficial ownership triggers ongoing risk, we apply enhanced controls or close the relation as permitted by law.

Suspicious Activity Reporting (SAR) and Tipping-Off

Any employee who has grounds for knowledge or suspicion that a customer is engaged in money laundering or terrorist financing must report promptly to the MLRO. Disclosure to the customer or to any third party outside the investigation is strictly prohibited (tipping-off). SARs are treated as confidential and access to information is restricted to authorized personnel. The MLRO will determine whether a report should be submitted to the competent authority in accordance with applicable law.

Escalation, Investigation and Record of Action

All suspicious activity, no matter how minor it may appear, must be escalated in a timely manner. An auditable record of the escalation, investigation steps taken, decisions made, and outcomes shall be maintained. Non-escalation may result in disciplinary action and potential regulatory penalties.

Training, Competence and Awareness

All relevant staff receive AML training on the identification of suspicious activity, proper use of CDD/EDD procedures, and the escalation process. Training includes scenario-based guidance on customer verification, payments screening, and compliance with internal controls. Training materials are reviewed at least annually and upon material regulatory changes.

Roles and Independence of the MLRO and Compliance Functions

The MLRO operates independently, with direct access to senior management and the authority to escalate issues without delay. The Compliance Officer provides governance and oversight of AML/CFT controls. Both functions have access to necessary resources and are accountable for timely reporting to regulators as required by law.

Record Keeping and Data Retention

Qqrp maintains comprehensive records to assist law enforcement investigations, including: customer identification and verification records, risk assessments, transaction monitoring data, SARs, internal communications, and staff training records. Retention shall be a minimum of seven (7) years after the end of the business relationship or the final transaction, subject to applicable data protection obligations.

Data Privacy and Confidentiality

Personal data processed in the course of AML controls is handled in accordance with applicable data protection laws. Access to personal data is restricted to authorized personnel and retained solely for purposes of AML compliance and regulatory cooperation.