Corporate Governance
& Compliance

CommerceGate is fully supervised by the Bank of Spain (Banco de España) as a financial institution. CommerceGate complies with all European Union regulations and any additional requirements applicable for the provided payment and financial services.

AML Manual

CommerceGate Payment Solutions S.L.U.

Extract from the Anti-Money Laundering and Counter Terrorist Financing manual

Version number Effective date Date of approval Approved by Justification of amendments
First October 9th, 2019. October 9th, 2019. Board of Directors of CGPS First AML/CFT Manual.
Second March 5th, 2020 March 5th, 2020 Board of Directors of CGPS Review and update of the AML/CFT Manual to include certain new requirements introduced by the Royal Decree-Law 11/2018 of August 31st, transposing directives on the protection of pension commitments to workers, prevention of money laundering and requirements for the entry and residence of third-country nationals and amending Law 39/2015, of October 1, on the Common Administrative Procedure of Public Administrations.
Third February 26th 2021 February 26th 2021 Board of Directors of CGPS Updating of (i) the list of applicable regulations, (ii) the list of positions that give rise to the consideration of a person of public responsibility, (iii) high risk countries, (iv) the applicable sanctioning regime, (v) Customer Risk Assessment, (vi) Customer Acceptance Policy and (vii) correction of SEPBLAC contact email.

1. General considerations

1.1. The Manual (Extract)

The aim of this Anti-Money Laundering and Counter Terrorist Financing Manual (hereinafter the “Manual“) is to set out the rules to be observed by COMMERCEGATE PAYMENT SOLUTIONS, S.L.U. (hereinafter, “CommerceGate“, the “Company” or the “Entity“), as a payment institution, in order to comply with the anti-money laundering and counter terrorist financing regulations in force (“AML/CTF“), for the Entity is obligated to comply in accordance with article 2.1. (h) of Law 10/2010, of April 28, on Anti-Money Laundering and of Counter Terrorist Financing.

The activities carried out by CommerceGate are those of payment institutions as set out in Royal Decree Law 19/2018, of 23 November, on payment services and other urgent financial measures (the “RDPS“), implemented by the Royal Decree 736/2019 of 20 December on the legal regime of payment services and payment institutions (the “Royal Decree 736/2010“).

In compliance with its AML/CTF obligations, CommerceGate will establish the procedures, policies, internal controls and tools necessary to comply with the different regulations coming from both national and international organizations and that will have as an objective the effective fight against operations related to money laundering and terrorist financing, understanding as such the set of mechanisms and procedures oriented to the use of the Financial System, and other economic sectors, in order to give the appearance of legality to capital or assets coming from criminal or illicit activities. To this end, it shall rely on the maximum diligence of all its operational resources in compliance with the rules and procedures that permit effective control of suspicious activity and customers.

In relation to the services it renders, CommerceGate assumes the commitment and obligation to detect operations that may constitute money laundering or terrorist financing and report them to the competent authorities through the established means for that purpose.

1.2. Concept of money laundering

For the purposes of this Manual and in accordance with article 1.2 of Act No. 10/2010, the following activities shall be considered money laundering:

The conversion or transfer of property, knowing that such property is derived from criminal activity or from participation in criminal activity, for the purpose of concealing or disguising the illicit origin of the property or of assisting persons who are involved in evading the legal consequences of their actions.

  • The concealment or disguise of the nature, source, location, disposition, movement, or ownership of property or rights in property, knowing that such property is derived from criminal activity or from an act of participation in criminal activity.
  • The acquisition, possession or use of property, knowing, at the time of receipt, that such property was derived from criminal activity or from an act of participation in criminal activity.
  • participation in, association to commit, attempts to commit and aiding, abetting or counselling the commission of any of the activities referred to in the preceding points.

1.3. Money laundering process

The money laundering process, at a general level, consists of the following phases:

  • Placement: Introduction of criminal cash into the financial circuits.
  • Accumulation, concealment or transformation: Carrying out transfers between different accounts in one or different jurisdictions for the purpose of breaking up, accumulating, concealing, transferring the amounts and depositing them in less rigorous jurisdictions in investigations into the origin of the fortunes or in accounts where the origin of the money has a legal appearance.
  • Integration: Incorporation of the amounts in the financial system under an appearance of legality.

1.4. Terrorist financing

In accordance with the provisions of article 1.3 of Law 10/2010, terrorist financing shall be understood to mean the supply, deposit, distribution or collection of funds or goods, by any means, directly or indirectly, with the intention of using them or with the knowledge that they will be used, in full or in part, for the commission of any of the terrorist offences specified in the Penal Code. Terrorist financing shall be deemed to exist even if the provision or collection of funds or property has taken place in the territory of another State.

2. Due diligence measures

2.1. Introduction and Formal identification of the client

The Company, in compliance with its AML/CTF obligations, has established the procedures, policies, internal controls and tools necessary to comply with the different regulations on the application of due diligence in matters of AML/CTF on its clients, and in particular all those matters related to formal identification, identification of the beneficial owner, the accreditation of the purpose and nature of the business relationship, and the continuous monitoring of the business relationship, applying for this purpose the diligence measures in a graduated manner, based on the risk of the clients and their operations, according to the client segmentation described below.

Under no circumstances will business relationships or operations be carried out with customers, whether individuals or legal entities, that have not been duly identified, unless the applicable regulations allow it (for example, in the application of the provisions of article 4.1 of Royal Decree 304/2014, when simplified due diligence measures are applied depending on the risk, or others legally provided for).

  • The identification documents must be in force at the time of establishing business relations or carrying out occasional operations. In the case of legal entities, the validity of the data contained in the documentation provided must be proven by a statement from the customer.
  • If discrepancies are observed, identification with the physical presence of the customer shall be mandatory.
  • In addition, under no circumstances will any contracting be carried out when the holders are not duly represented.

2.2. Identification of the Ultimate Beneficial Owner

CommerceGate must identify the beneficial owner prior to the establishment of business relationships or the execution of transactions unless applicable regulations permit identification at a later time or exemption from this requirement. With respect to legal persons or legal structures without personality, trusts and any other similar structure, the person responsible for the application of due diligence measures shall request information on the shareholding or control structure in order to determine the beneficial owner.

2.3. Customer admission policy

The assessment of potential customer risks is considered essential to prevent money laundering and the financing of terrorism. CommerceGate has established a specific policy regarding the admission of clients (the “Acceptance Policy”) which is a gradual policy and includes a deep description of those potential customers that could have a higher risk than the average risk because of:

  • The activities the potential customer does and the sector in which he or she is involved.
  • The place where the client comes from and/or the place where he or she resides.
  • The client’s condition of Politically Exposed Persons (PEPs).

In accordance with the Acceptance Publicity and in order to prevent CommerceGate from being used by persons involved in criminal activities related to money laundering or terrorist financing, CommerceGate distinguishes between:

  • acceptable customers
  • customers under control
  • excluded customers.

2.4. Accreditation of activity, knowledge and verification of clients

Clients will be asked for information to ascertain the purpose and nature of the business relationship they wish to establish, and the nature of their professional or business activity generating the funds. Commercegate’s “Know Your Client” policy will require an evaluation of each client based on their initial risk profile, in accordance with the information indicated.

The activities declared by customers will be subject to a verification procedure taking into account the different levels of risk and will be based on obtaining information and documentation relating to the declared activity, obtained from the customer himself or from other sources of information, at the beginning of the business relationship or subsequently. Information shall be obtained on the purpose and intended nature of the business relationship, gathering from all customers information to ascertain the nature of their professional or business activity. Data on economic activity or origin of funds must be incorporated at the time the business relationship is established unless the applicable regulations allow such information to be collected at a later time.

Segmentation of customers according to risk

The categorisation of customer risk allows the application of the due diligence measures described in the previous sections to be graduated according to the level of customer risk. The risks have been categorized into three scales, resulting from the risk analysis, specifically:

SIMPLIFIED due diligence measures Low
NORMAL due diligence measures Medium
ENHANCED due diligence measures High

Segmentation of customers according to risk

2.5. Continuous monitoring of the business relationship

In accordance with Article 6 of Law 10/2010, CommerceGate will apply continuous monitoring measures to the business relationship, including scrutiny of the transactions carried out throughout the relationship to ensure that they are consistent with its knowledge of the customer and its business and risk profile, including the origin of the funds, and to ensure that the documents, data and information available are up to date. Thus, continuous monitoring measures are applied to the business relationship, following up the operations carried out by the customers throughout the said relationship to ensure that they are in keeping with the knowledge available of the customers, their declared activity and their business profile, obtaining, if necessary, updated information and documentation.

It will be necessary to update the economic documents of the clients when the period established for their renewal has elapsed, according to the level of risk assigned to the client. With respect to existing customers, the necessary documentation must be reviewed and updated according to the level of risk assigned. Said documentary review shall be performed, for all customers, on an annual basis and in all cases in the following cases:

  • When the customer’s risk profile is changed, if it moves to a segment with higher due diligence requirements.
  • When there are indications of money laundering or terrorist financing.
  • When there are doubts as to the veracity or adequacy of the data obtained previously or they are not updated.
  • When contracting new products.
  • When a significant operation occurs due to its volume or complexity.