Compliance

General Overview

All StateTrust Group companies abide by regulations, standards and laws established to monitor and prevent money laundering and the diversion of resources to fund illegal activities, such as terrorism and drug trafficking.

As part of its efforts to comply with regulations against asset laundering and terrorist activities, StateTrust Group strives to enforce all prohibitions imposed by these regulations, as well as detect suspicious activities and report them to the authorities.

Anti-Money Laundering Actions

Anti-Money Laundering Actions (AML) are designed to establish legal control measures for companies operating in the financial sector (among other institutions), in order to prevent asset laundering or report illegal or suspicious activities.

Money laundering refers to operations aimed at filtering or hiding resources obtained from criminal or fraudulent activities, through transactions that make these resources appear to have been obtained or generated in a legitimate manner.

Today, financial institutions around the world are required to report suspicious transactions to authorities in their country or jurisdiction.

U.S. federal laws relating to money laundering were implemented under the Bank Secrecy Act of 1970.

Bank Secrecy Act

This Law (also known as the Currency and Foreign Transactions Reporting Act) requires financial institutions located in the United States to work with various government agencies in this country in the detection and prevention of money laundering.

This law was approved by the U.S. Congress in 1970. Part of the Act establishes a set of regulations to prevent, monitor and notify competent authorities about transactions that may fall within the scope of money laundering.

Patriot Act

The Patriot Act, which serves as an amendment to the Bank Secrecy Act, was implemented in response to the terrorist attacks of September 11, 2001, in the United States. These regulations seek to prevent and punish terrorist acts carried out on U.S. soil or anywhere in the world.

For financial institutions, this law requires achieving the following objectives:

• To strengthen U.S. legal measures to prevent, detect and bring to justice any acts of international money laundering and financing of terrorist acts.
• To ensure foreign jurisdictions and financial institutions in other countries, as well as certain international transactions and accounts that may be vehicles for criminal purposes, undergo thorough scrutiny.
• To require that the financial sector generate reports regarding potential money laundering activities.
• To strengthen mechanisms to both avoid the use of the U.S. financial system for the personal gain of members of the international banking industry, and to facilitate the repatriation of stolen assets to their rightful owners, citizens of other countries.

Intelligent Electronic Monitoring System

StateTrust Grouphas developed software programs to monitor all activities and transactions:

• Funds coming in and out of portfolios
• Internal movement of funds
• Behavior of accounts
• Control reports showing statistical changes in balances, as well as increases and declines by percentages
• Macro review of account activity for the last 12-24 months
• Detailed information of all transfers
• Monitoring of specific accounts from politically exposed persons or individuals residing in sensitive geographies
• Frequency analysis of funds received by individuals or sent to a specific recipient

These electronic systems enable us to keep track of all activities inside the group, through objective and subjective analyses.

These tools strengthen the compliance area, enable us to identify potential problems, and generate reports for corresponding international authorities.

Every day, our compliance systems are updated, in order to record and implement all regulatory changes taking place around the world.

Global Database

In order to comply with various laws regarding money laundering and diversion of resources to fund terrorist activities (and all other illegal activities), financial institutions are required to implement a process to register the names of customers in different global databases.

Some of the most important are:

• OFAC
• World Compliance Check
• FBI
• Interpol
• Lists from various countries
• Other relevant databases

Each night, lists are automatically updated and related websites are reviewed by search engines. If there are any changes to a profile or new information is added to the lists, the database is immediately updated.

For each transaction recorded, the system has the ability to generate a report that may be submitted to a specific regulatory or law enforcement agency.

Introduction to Due Diligence

Part of the process of knowing and identifying customers includes due diligence, a requirement imposed by regulatory institutions by which StateTrust Group abides. There are several types of due diligence:

• Know Your customer
• Enhanced due diligence process
• Customer identification
• Understanding each customer's business, professional and family traits
• Linking the customer to other governments or military forces
• Screening information using various international databases
• Verifying information provided on documents used to open accounts

Know Your Customer (KYC)

The process of identifying various aspects of a customer includes collecting information about:

• Personal background
• Source of wealth
• Professional and work-related activities
• Personal and financial references

StateTrust Group’s agents and sales representatives have the business responsibility of finding out information about customers, as part of our institution's policy to comply with guidelines set forth by anti-asset laundering laws.

Representatives are responsible for obtaining as much information as possible, along with the appropriate supporting documentation. In addition, the group verifies and compares this information with other databases, in order to prevent illegal activities (including money laundering) and comply with international standards regarding this issue.

Enhanced Due Diligence Process

At StateTrust Group, we follow all standard procedures to get to know our customers, adding a stricter level of scrutiny and thoroughness. With this in mind, we have protocols in place to document and review customer visits by our agents. Each transaction is properly documented.

In addition, processes have been developed by the Group’s Local and International Compliance Department, in order to verify information provided by both customers and agents.

We have internal procedures in place to review each of our customer's accounts and assign new profiles, if necessary. This way, at the start of each relationship, the Group assigns profiles based on specific parameters. As each relationship evolves, profiles are adjusted according to numerical and conceptual assessments of each account.

Customer Identification Program

This is the process of identifying and gathering data about our customers' individual information, the source of their assets, and the nature of their activities.

During this process, our agents or sales representatives are fully responsible for identifying each customer. From a business point of view, agents must ensure full compliance with all anti-money laundering guidelines and regulations. To such end, agents are responsible for obtaining the largest amount of information possible, which is then sent to StateTrust Group’s Compliance Department.

Every customer is assigned a level of risk and transaction profile, a series of transactions that will be allowed and not allowed, and a specific variation allowed for this account or relationship. Some of the activities that agents, representatives and managers perform in these profiles include updating information or making the decision to close or restrict a specific relationship.

Risk Evaluation Process

The concept of risk refers to the dangers of fraud, money laundering and diversion of funds for illegal activities, including terrorism. StateTrust Group has established the following procedures to avoid any misuse of accounts, as well as monitor transactions at all times:

1. Identify our customers' personal information

• We learn about their background, income, place of work, social and family status, who referred them, and whether they have any other links to StateTrust Group.

2. Identify our customers' assets and estate

• We determine our customers' equity and net assets, the nature of any other investments, their relationships with other banks, and the products acquired at those institutions.
• We visit our customers' homes and/or offices.
• Before opening any type of account, we prescreen each customer.

3. Transactions

• Confirmation calls are made for all incoming and outgoing transactions, using security procedures that identify our customers through the parameters established at the time their account was opened.
• We also monitor and investigate the individuals receiving the funds and the banks receiving the transfers.
• If the recipient is a third party, individual or entity, we review the names where the funds originate.
• If any transactions generate doubt, we have a special team dedicated to inquire about the individual or institution where the funds originate, in order to verify that they are indeed engaged in the activities described when the account was opened.

4. Investigation

• Agents and a special group dedicated to investigate cases and transactions that are not consistent with the parameters and profiles established for each client.
• Compliance may request supporting documentation or, in more complex cases, request a field investigation.

5. Visits from the Compliance Department

• Our Compliance Department officials are based in various countries, where customers requiring background checks live.
• These officials know the accountholder's work environment, and analyze corporate and financial documents to determine whether consistency exists between an individual's income and their account activity.

The goal of StateTrust Group’s complex and painstaking validation process is to mitigate transaction risks.

Glossary

AML (Anti Money Laundering)

Anti-Money Laundering Actions (AML) are designed to establish legal control measures for companies operating in the financial sector (among other institutions), in order to prevent asset laundering and report illegal or suspicious activities. Money laundering refers to operations aimed at filtering or hiding resources obtained from criminal or fraudulent activities, through transactions that make these resources appear to have been obtained or generated in a legitimate manner. Today, financial institutions around the world are required to report suspicious transactions to authorities in their country or jurisdiction.

Black Money

Funds from illegal operations obtained through:

• Illegal activities such as drug traffic, prostitution, etc.
• Tax evasion

CIP (Customer Identification Program)

Required by US Federal Law, the goal of this program is to prevent and avoid money laundering and/or activities to finance terrorism. Banks must maintain a database with information from all their customers and match this information with various terrorist lists. CIP applies to any individual opening a new account.

Complicity

Bank officials who provide money-launderers with information about internal processes and controls. Criminals use this sensitive information to their advantage.

Due Diligence

The process of knowing and identifying customers through due diligence, includes, among other things:

• Understanding each customer's business, professional and family traits.
• Linking the customer to other governments or military forces.
• Screening information using various international databases.
• Verifying information provided on documents used to open accounts.

Enhanced Due Diligence

A more detailed, painstaking customer investigation process. Through these procedures and requirements, financial institutions are able to verify and validate each customer's identity, profile, and business and banking activities. In addition, these procedures aim to identify information that may point toward higher risk of money laundering activities and/or financing of terrorist acts.

FINRA (Financial Industry Regulatory Authority)

An independent agency that regulates all activities from firms that deal with securities. Its mission is to protect investors and maintain market integrity in the United States.

Front Man/Dummy Corporations

Illegal use of a third party, front business or legal entity, which are used to represent unknown end beneficiaries.

KYC (Know Your Customer)

The process of identifying various aspects of a customer includes collecting information about:

• Personal background
• Source of wealth
• Professional and work-related activities
• Personal and financial references

Mix

Tools used by money-laundering organizations by mixing funds from illegal transactions with funds from a legal business or legitimate individual income.

OFAC (Office of Foreign Assets Control)

Manages and imposes economic and commercial penalties against specific countries and organizations supporting terrorist actions, and international drug traffickers.

Patriot Act

The Patriot Act, which serves as an amendment to the Bank Secrecy Act, was implemented in response to the terrorist attacks of September 11, 2001, in the United States. This set of regulations seeks to prevent and punish terrorist acts carried out on U.S. soil or anywhere in the world.

PEP (Politically Exposed Person)

A term describing a person who serves in public office or is closely related to people engaging in such activities. Because of their post or position of influence, these individuals present higher levels of risk for potential involvement in bribes and corruption.

SAR (Suspicious Activity Report)

The Patriot Act requires that all financial institutions report suspicious activities related to money laundering and financing of terrorist acts.

Structuring

Refers to a concentration of ongoing bank deposits in amounts that are smaller than those monitored by banking institutions. The goal of these intermittent smaller deposits is to accumulate larger amounts.