BME Technologies
About Services Compliance News Support
EN / RU
Contact us
BME Technologies
About Services Compliance News Support
Contact us
EN / RU
Legal

AML Policy

1. Purpose and Scope

This Anti-Money Laundering and Counter-Terrorist Financing Policy (the “Policy”) establishes the framework adopted by BME Technologies OÜ (the “Company”) to prevent, detect, and report money laundering, terrorist financing, and other forms of financial crime. The purpose of this Policy is to ensure that the Company conducts its activities in compliance with applicable AML/CFT laws and international standards, and that appropriate controls are in place to identify and mitigate financial crime risks. This Policy applies to all employees, contractors, and external service providers involved in the Company’s operations.

2. Definitions

For the purposes of this Policy:

“Client” means any corporate customer engaging the Company for transaction coordination services. “Counterparty” means any regulated entity involved in transaction execution or settlement, including financial institutions and virtual asset service providers (VASPs). “Transaction” means any crypto-to-fiat or related operation coordinated by the Company. “Suspicious Activity” means any activity that may indicate money laundering, terrorist financing, or other financial crime.

3. Regulatory Framework

The Company operates in accordance with applicable AML/CFT laws and international standards, including:

  • European Union AML Directives and relevant Estonian legislation
  • FATF Recommendations
  • Applicable sanctions regimes (EU, UN, OFAC) The Company also aligns its compliance practices with the regulatory frameworks applicable to its counterparties and the jurisdictions in which they operate.

4. Business Model

BME Technologies OÜ operates as a non-custodial transaction coordination provider in the context of digital asset–related transactions. The Company does not receive, hold, or control client funds or digital assets at any stage. The Company does not operate wallets, does not have access to private keys, and does not execute or settle transactions. The Company facilitates and coordinates transactions between corporate clients and regulated counterparties, including licensed financial institutions, virtual asset service providers, and liquidity providers. All execution, conversion, and settlement activities are performed by such regulated counterparties. The Company does not act as a principal, counterparty, broker, or exchange.

5. Risk-based Approach

The Company applies a risk-based approach to AML/CFT compliance, taking into account:

  • client risk
  • jurisdictional risk
  • transaction risk
  • counterparty risk Each client relationship is assessed prior to onboarding and is subject to ongoing review.

6. Customer Due Diligence (CDD)

The Company conducts Customer Due Diligence prior to entering into any business relationship. This includes identification and verification of:

  • corporate clients
  • ultimate beneficial owners (UBOs)
  • directors and authorized representatives The Company also performs:
  • sanctions screening
  • PEP screening
  • assessment of business activity and transaction purpose Enhanced Due Diligence is applied where higher risk is identified.

7. Counterparty Due Diligence

The Company engages only with regulated and reputable counterparties. Due diligence includes:

  • verification of licensing and regulatory status
  • assessment of compliance frameworks
  • reputational checks The Company relies on counterparties to perform execution and settlement in accordance with applicable regulations.

8. Flow of Funds

BME Technologies OÜ does not receive or process client funds through its own accounts. Transaction flows are executed directly through regulated counterparties, including licensed financial institutions and virtual asset service providers. Clients transfer funds directly to such counterparties, and settlement to final beneficiaries is performed by those entities. The Company does not hold, control, or have access to client funds at any stage.

9. Transaction Oversight

The Company applies a transaction oversight framework rather than traditional transaction monitoring. This includes reviewing transactions based on available information to ensure:

  • consistency with the client’s profile
  • alignment with declared business purpose
  • involvement of legitimate counterparties Where necessary, additional information or documentation may be requested.

10. Sanctions and Screening

The Company conducts screening against:

  • international sanctions lists
  • politically exposed persons (PEPs)
  • adverse media Transactions involving sanctioned parties are not supported.

11. Identification and Reporting of Suspicious Activity

The Company maintains procedures for identifying and assessing suspicious activity. Where suspicious activity is identified:

  • the matter is escalated internally
  • additional due diligence is performed
  • reporting obligations are fulfilled where required

12. Governance and Compliance Function

The Company maintains a compliance framework overseen by the MLRO. The MLRO is responsible for:

  • AML/CFT oversight
  • internal controls
  • reporting obligations The Company may engage external compliance specialists to support implementation and monitoring of AML procedures.

13. Record Keeping

The Company maintains records of:

  • client due diligence
  • transaction documentation
  • compliance assessments Records are retained in accordance with applicable legal requirements.

14. Staff Obligations and Training

All personnel are required to:

  • comply with this Policy
  • report suspicious activity
  • participate in AML/CFT training

15. Audit and Independent Review

The Company may conduct periodic internal or external reviews of its AML/CFT framework to ensure effectiveness and compliance.

16. Limitations of Control

Due to its non-custodial model, the Company does not have full visibility into all transaction flows and does not control the execution or settlement of transactions. Monitoring is therefore limited to information available within the Company’s coordination role.

ANNEX 1 – RISK MATRIX / BME TECHNOLOGIES OÜ

The Company applies a risk-based approach to assessing financial crime risks associated with its activities. The following matrix outlines the key risk categories, their characteristics, and mitigation measures.

1. Client Risk

Risk Factor Description Risk Level Mitigation Measures Corporate structure complexity Multi-layered ownership or unclear UBOs Medium / High Enhanced Due Diligence (EDD), UBO verification Industry exposure Clients operating in high-risk sectors Medium / High Industry screening, transaction purpose validation New clients Recently onboarded clients with no history Medium Increased scrutiny during initial transactions

2. Jurisdiction Risk

Risk Factor Description Risk Level Mitigation Measures High-risk jurisdictions FATF high-risk or sanctioned countries High Restriction or rejection of transactions Offshore structures Clients or flows involving offshore jurisdictions Medium Additional documentation and justification Mismatch jurisdictions Client location inconsistent with transaction Medium Clarification and supporting evidence

3. Transaction Risk

Risk Factor Description Risk Level Mitigation Measures Large transaction size High-value transactions relative to client profile Medium / High Source of funds verification Complex structuring Multi-step or unclear transaction flows High Transaction breakdown and documentation Economic rationale Lack of clear purpose High Request supporting documentation

4. Counterparty Risk

Risk Factor Description Risk Level Mitigation Measures Unregulated counterparties Lack of licensing or unclear status High Work only with regulated entities Weak compliance controls Poor AML framework of counterparty Medium / High Counterparty due diligence Unknown counterparties Insufficient transparency High Reject or require full disclosure

5. Product / Service Risk

Risk Factor Description Risk Level Mitigation Measures Crypto-to-fiat conversion Exposure to digital asset risks Medium Use regulated providers only Real estate settlements High-value transactions Medium / High Documentation and transaction purpose verification Cross-border flows Multi-jurisdictional complexity Medium Jurisdiction and counterparty checks

ANNEX 2 – RED FLAGS INDICATORS

The following non-exhaustive list outlines indicators of potentially suspicious activity relevant to the Company’s non-custodial transaction coordination model.

CLIENT-RELATED RED FLAGS

  • Client is unable or unwilling to provide clear information about business activity
  • Complex or opaque ownership structure without reasonable explanation
  • Frequent changes in ownership, management, or transaction instructions
  • Client requests to structure transactions in an unusual or non-standard manner

TRANSACTION-RELATED RED FLAGS

  • Transaction lacks clear economic or business rationale
  • Transaction size is inconsistent with client profile
  • Unnecessarily complex transaction structure
  • Urgent transaction requests without sufficient explanation
  • Repeated adjustments to transaction details

JURISDICTIONAL RED FLAGS

  • Involvement of high-risk or sanctioned jurisdictions
  • Transaction flows involving multiple unrelated jurisdictions
  • Mismatch between client location and transaction geography

COUNTERPARTY RED FLAGS

  • Counterparty is not regulated or cannot confirm licensing status
  • Counterparty unwilling to provide compliance information
  • Use of multiple counterparties without clear justification

BEHAVIORAL RED FLAGS

  • Client demonstrates reluctance to provide documentation
  • Inconsistent explanations regarding transaction purpose
  • Attempts to bypass standard compliance procedures

ANNEX 3 – TRANSACTION REVIEW WORKFLOW

BME TECHNOLOGIES OÜ

1. Overview

BME Technologies OÜ applies a structured transaction review process to ensure that all transactions coordinated by the Company are consistent with its AML/CFT obligations and internal risk appetite. Given the Company’s non-custodial model, this process is based on transaction oversight rather than direct monitoring or control of funds.

2. Transaction Review Process

Step 1 – Client Verification

  • Prior to any transaction, the Company confirms that:
  • the client has successfully completed onboarding and KYC/KYB procedures
  • the client profile, including business activity and ownership structure, is verified
  • no sanctions or adverse findings are present
  • No transaction is coordinated without completed onboarding.

Step 2 – Transaction Initiation and Information Collection The Company obtains key transaction details, including:

  • transaction purpose
  • transaction size and structure
  • involved counterparties
  • jurisdictions involved
  • intended beneficiary The Company ensures that sufficient information is available to understand the nature and rationale of the transaction.

Step 3 – Risk Assessment The transaction is assessed against the Company’s risk framework, including:

  • consistency with the client profile
  • jurisdictional exposure
  • counterparty risk
  • complexity of transaction structure Where necessary, the transaction is classified as low, medium, or high risk.

Step 4 – Enhanced Review (if applicable) Where elevated risk is identified, the Company performs enhanced review, which may include:

  • requesting additional documentation
  • obtaining clarification on transaction purpose
  • verifying counterparties in greater detail
  • confirming source of funds

Step 5 – Decision-Making Based on the review, the Company determines whether to:

  • proceed with coordination of the transaction
  • proceed subject to additional controls
  • decline involvement in the transaction All decisions are made in accordance with the Company’s risk appetite and compliance requirements.

Step 6 – Escalation If concerns arise, the transaction is escalated to the MLRO and/or compliance function. The Company may suspend or decline involvement until concerns are resolved.

Step 7 – Documentation and Record Keeping All relevant transaction information, risk assessments, and decisions are documented and retained in accordance with the Company’s record-keeping obligations.

3. Role of the Company

The Company’s role within this process is limited to:

  • coordinating transaction parameters
  • assessing transaction risk based on available information
  • facilitating interaction with regulated counterparties The Company does not execute transactions, does not act as a counterparty, and does not hold or control funds.

4. Limitations

Due to its non-custodial model, the Company does not have full visibility into all transaction flows and relies in part on information provided by clients and counterparties.

Approved by: Grigoriy Rybalchenko Director / MLRO

Date:

← Back to home
BME Technologies

Non-custodial crypto-to-fiat infrastructure for corporate clients.

BME Technologies OÜ · J. Vilmsi tn 47, Tallinn 10115, Estonia

Cryptopayio is a communication and operational brand used by BME Technologies OÜ.

Navigation
  • About
  • Services
  • Compliance
  • News
Legal
  • Terms of Use
  • Privacy Policy
  • AML Policy
  • Cookie Policy
Support
  • Support
  • Contact
© 2026 BME Technologies OÜ. All rights reserved. Estonia · EU ·
EN / RU