Policy

Anti-Money Laundering and Counter-Terrorist Finance Policy

1. Introduction

WagePerks Ltd ("the Company") is committed to preventing money laundering and the financing of terrorism. As a company that processes payments and provides financial-adjacent services including employee benefits and payroll-related tools, we recognise our obligation to maintain robust systems and controls to detect and prevent financial crime.

This policy sets out the Company's approach to meeting its legal obligations under anti-money laundering ("AML") and counter-terrorist financing ("CTF") legislation and regulations.

2. Legal and Regulatory Framework

This policy is informed by and seeks to ensure compliance with the following legislation and regulations:

  • Proceeds of Crime Act 2002 (POCA) -- establishes the principal money laundering offences and the requirement to report suspicious activity.
  • Terrorism Act 2000 -- creates offences relating to terrorist financing and imposes reporting obligations.
  • Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017) -- as amended, sets out requirements for customer due diligence, risk assessment, record keeping, and internal controls.
  • Sanctions and Anti-Money Laundering Act 2018 -- provides the framework for UK sanctions and AML regulation post-Brexit.
  • HM Treasury sanctions regime -- requires screening against the UK Sanctions List.

3. Scope

This policy applies to all directors, officers, employees, contractors, and agents of WagePerks Ltd. It covers all business relationships, transactions, and activities conducted by or on behalf of the Company, including:

  • Onboarding of employer clients to the WagePerks platform.
  • Processing of payments for platform subscriptions and services.
  • Provision of employee benefits, GP access, and Employee Assistance Programme services.
  • Any financial transactions processed through or facilitated by the Company's systems.

4. Money Laundering Offences

Under the Proceeds of Crime Act 2002, the following constitute criminal offences:

  • Concealing, disguising, converting, transferring, or removing criminal property (Section 327).
  • Entering into or becoming concerned in an arrangement which facilitates the acquisition, retention, use, or control of criminal property (Section 328).
  • Acquiring, using, or possessing criminal property (Section 329).
  • Failure to disclose knowledge or suspicion of money laundering (Section 330).
  • Tipping off a person that a disclosure has been made or an investigation is being carried out (Section 333A).

All Personnel must be aware that these offences carry severe penalties, including imprisonment of up to fourteen years and unlimited fines.

5. Nominated Officer

The Company has appointed a Nominated Officer (also referred to as the Money Laundering Reporting Officer, or "MLRO") who is responsible for:

  • Receiving and evaluating internal suspicious activity reports.
  • Making Suspicious Activity Reports ("SARs") to the National Crime Agency ("NCA") where appropriate.
  • Maintaining records of all internal reports and SARs submitted.
  • Ensuring the Company's AML policies, procedures, and controls are adequate and up to date.
  • Providing guidance and support to Personnel on AML and CTF matters.
  • Reporting to the Board on AML compliance.

The Nominated Officer has sufficient seniority and authority to act independently and has direct access to the Board of Directors.

6. Risk Assessment

6.1 Firm-Wide Risk Assessment

In accordance with Regulation 18 of MLR 2017, the Company maintains a documented risk assessment that identifies and assesses the money laundering and terrorist financing risks to which the business is subject. The risk assessment considers:

  • The nature of the Company's products and services, including the WagePerks employee management platform.
  • The types of clients served (employers across various industries).
  • The geographical areas in which the Company operates.
  • The delivery channels used (primarily digital/online).
  • The transaction volumes and values processed.

The risk assessment is reviewed at least annually or whenever there is a material change in the business or its risk profile.

6.2 Client Risk Assessment

Each client relationship is assessed for money laundering and terrorist financing risk at the point of onboarding and on an ongoing basis. Risk factors include:

  • The nature and size of the client's business.
  • The industry sector in which the client operates.
  • The geographical location of the client and its operations.
  • The complexity of the client's corporate structure.
  • Whether the client involves politically exposed persons ("PEPs").
  • Any adverse media or intelligence relating to the client.

Clients are categorised as low, medium, or high risk, and the level of due diligence applied is calibrated accordingly.

7. Customer Due Diligence

7.1 Standard Due Diligence

Before establishing a business relationship with a new client, the Company must:

  • Identify the client and verify their identity using reliable, independent sources.
  • Identify any beneficial owners holding more than 25% of shares or voting rights and verify their identity.
  • Obtain information on the purpose and intended nature of the business relationship.
  • Assess and, as appropriate, obtain information on the source of funds.

For corporate clients, this includes verifying the company's registration with Companies House, confirming the identity of directors and significant shareholders, and understanding the company's ownership and control structure.

7.2 Enhanced Due Diligence

Enhanced due diligence ("EDD") must be applied where there is a higher risk of money laundering or terrorist financing, including where:

  • The client or beneficial owner is a politically exposed person ("PEP") or a family member or known close associate of a PEP.
  • The client is established in a high-risk third country as identified by HM Treasury or the Financial Action Task Force.
  • The transaction or business relationship is unusually complex or large without an apparent economic or lawful purpose.
  • There are any other factors indicating a higher risk.

EDD measures include obtaining additional information on the source of wealth and source of funds, conducting enhanced ongoing monitoring, and obtaining senior management approval for the business relationship.

7.3 Simplified Due Diligence

Simplified due diligence may be applied where the Company has assessed that the business relationship or transaction presents a low risk of money laundering or terrorist financing, and the conditions set out in Regulation 37 of MLR 2017 are met. Simplified due diligence does not exempt the Company from ongoing monitoring obligations.

7.4 Ongoing Monitoring

The Company conducts ongoing monitoring of all business relationships, which includes:

  • Scrutinising transactions to ensure they are consistent with the Company's knowledge of the client and their risk profile.
  • Keeping client due diligence information up to date, particularly for higher-risk clients.
  • Reviewing the business relationship periodically to ensure the risk assessment remains accurate.

8. Suspicious Activity Reporting

8.1 Internal Reporting

Any member of Personnel who knows or suspects, or has reasonable grounds for knowing or suspecting, that a person is engaged in money laundering or terrorist financing must report this to the Nominated Officer as soon as practicable.

Internal reports must be made using the Company's prescribed reporting form and must include:

  • Full details of the persons involved, including names, addresses, and any identification numbers.
  • Full details of the nature of the suspicion or the transaction giving rise to the suspicion.
  • The value and timing of any transactions involved.
  • Any other relevant information.

8.2 External Reporting

The Nominated Officer will evaluate each internal report and determine whether there are reasonable grounds to submit a Suspicious Activity Report ("SAR") to the National Crime Agency ("NCA") via the SAR Online system.

Where a SAR is submitted, the Nominated Officer must:

  • Ensure that no transaction that is the subject of the SAR proceeds without appropriate consent from the NCA, where required.
  • Maintain confidentiality and ensure that no person is tipped off about the SAR.
  • Record the SAR reference number and NCA response for the Company's records.

8.3 Prohibition on Tipping Off

Under Section 333A of the Proceeds of Crime Act 2002, it is a criminal offence to disclose that a SAR has been made or that a money laundering investigation is being, or may be, carried out. All Personnel must exercise extreme caution to avoid tipping off, whether directly or indirectly.

9. Sanctions Screening

The Company screens all new clients and their beneficial owners against the UK Sanctions List maintained by the Office of Financial Sanctions Implementation ("OFSI"), the United Nations Security Council sanctions lists, and other relevant sanctions lists. Screening is conducted at the point of onboarding and on an ongoing basis.

Any match or potential match must be reported to the Nominated Officer immediately. The Company will not enter into or continue a business relationship with any individual or entity subject to financial sanctions without authorisation from OFSI.

10. Record Keeping

In accordance with Regulation 40 of MLR 2017, the Company retains the following records:

  • Copies of, or references to, the evidence obtained for customer due diligence purposes, for a period of five years from the end of the business relationship.
  • Supporting records in respect of transactions, including sufficient information to identify the transaction, for a period of five years from the date of the transaction.
  • Records of all internal suspicious activity reports and SARs submitted to the NCA.
  • Records of training provided to Personnel.
  • The Company's risk assessments, policies, and procedures.

Records are stored securely and in compliance with the UK GDPR and the Data Protection Act 2018.

11. Training

All Personnel receive AML and CTF training appropriate to their role:

  • Induction training is provided to all new Personnel before they commence client-facing duties.
  • Annual refresher training is provided to all Personnel.
  • Enhanced training is provided to Personnel in client-facing, compliance, and senior management roles.

Training covers the legal framework, the Company's policies and procedures, how to identify suspicious activity, and how to make internal reports. Records of training are maintained by the Nominated Officer.

12. Governance and Oversight

The Board of Directors has overall responsibility for ensuring that the Company maintains adequate AML and CTF systems and controls. The Board:

  • Approves this policy and any material changes to it.
  • Receives regular reports from the Nominated Officer on AML compliance, including the number and nature of internal reports and SARs submitted.
  • Ensures that adequate resources are allocated to AML and CTF compliance.
  • Ensures that the Nominated Officer has the necessary authority, independence, and access to information to discharge their responsibilities.

13. Review

This policy is reviewed at least annually by the Nominated Officer and approved by the Board of Directors. It is updated as necessary to reflect changes in legislation, regulation, guidance, or the Company's business activities and risk profile.

Policy Owner: Nominated Officer / MLRO, WagePerks Ltd

Last Reviewed: April 2026

Registered in Scotland