Aml Policies

Introduction

The Nnph AML and CFT Policy establishes the framework for preventing money laundering and terrorism financing across all activities conducted on the Nnph platform. It applies to all customers, transactions, and operational processes and requires adherence by every employee, contractor, and business partner engaged with Nnph.

Scope and Regulatory Alignment

This Policy governs all KYC, AML, and CFT controls implemented by Nnph in accordance with applicable laws and international standards. It implements a risk based approach and covers customer due diligence, ongoing monitoring, transaction screening, record keeping, and reporting obligations. The Policy aligns with the core principles of internationally recognised AML/CFT guidance while operating within the lawful remit of the jurisdictions in which Nnph provides services.

Risk-Based Approach

Nnph applies a risk based framework to identify and mitigate ML/TF risk. The principal risk categories are:

  • Country/Geographical risk arising from the user’s residence or stated domicile.
  • Customer risk related to customer type, purpose, and behavior, including known political exposure or sanctions status.
  • Transaction risk based on the size, velocity, and structure of activities, including cross border and product specific risks.

Risk factors are evaluated to determine the level of due diligence required and the level of ongoing monitoring that will be applied.

Risk Assessment Framework

Nnph employs a structured risk matrix to score likelihood and impact for each customer and product. Examples include:

  • High value, high frequency activity by a single client in a short period.
  • Customers from high risk jurisdictions or with complex ownership structures.
  • Cryptocurrency transactions that involve privacy focused instruments or opaque counterparties.

The risk matrix is reviewed at least annually and updated for material changes in product offerings, customer behavior, or regulatory requirements. Third party risk is integrated into the overall assessment.

Know Your Customer and Customer Due Diligence

On onboarding, customers must provide verifiable information to establish identity and ownership. KYC steps include:

  • Full legal name, date of birth, residential address, nationality, and government issued identification.
  • Sanctions and adverse news screening against recognised lists.
  • Categorisation into Simplified, Standard, or Enhanced Due Diligence based on assessed risk.

Ongoing monitoring applies, with reviews triggered by significant changes in activity or profile. Records are retained as described in data retention requirements below.

Verification Procedures

Verification is conducted when required by risk assessment or regulatory triggers. Documentation may include:

  • A clear copy or photograph of the customer’s government issued identification.
  • A photograph of the payment instrument used or intended for use on the platform, with the cardholder name matching the customer name; CVV and partial card numbers may be concealed in line with data protection rules.
  • A photograph of the customer holding the identification document, or other data as required for verification and address confirmation.
  • Proof of address such as a utility bill, bank statement, or government document in the customer’s name.
  • In certain cases, a video or voice verification may be requested by Nnph Support for additional assurance.

PEP and High-Risk Jurisdiction Verification

Additional verification is required for Politically Exposed Persons and for customers located in or associated with high risk jurisdictions. Measures may include:

  • Enhanced source of funds verification and deeper review of ownership and control structures.
  • Senior management approval for final determination of risk tier and ongoing monitoring intensity.
  • Requests for additional information or documentation commensurate with the identified risk.

A refusal to pass verification, or evidence suggesting the account is used for illicit activity, may result in escalation to competent authorities and restricted access to services.

Activity Monitoring

All user operations are subject to ongoing activity monitoring to identify suspicious patterns. Indicators include:

  • Unusual device or device sharing patterns, multi-device use, or inconsistent geolocation signals.
  • Suspicious login or payment activity, including rapid or alternating use of multiple payment methods.
  • Discrepancies between declared and observed user data or reluctance to complete verification steps.

Any flagged activity is escalated to the antifraud function for risk assessment and further action.

Transaction Monitoring

Transaction monitoring applies to deposits and withdrawals and enforces the following controls:

  • Payments by card must align with the account holder name; third party card use is prohibited.
  • Electronic wallets linked to the account must use the registered email address; deposits from unavailable instruments are not permitted to be withdrawn to the same instrument.
  • Nnph excludes anonymous payment instruments and does not transfer funds to the accounts of another user.

Cryptocurrency related transactions are subject to blockchain analytics and enhanced due diligence where appropriate. Suspicious transactions trigger structured investigations and may be reported as required by law.

Sanctions Compliance

Nnph conducts ongoing screening of customers and transactions against current sanctions lists and maintains a prohibited jurisdictions register. Where a potential match is identified, manual review confirms the result before any action. If sanctions are confirmed, access to accounts or particular transactions is restricted or frozen and appropriate authorities are notified in accordance with legal obligations.

Record Keeping and Data Protection

Documents and data gathered for AML/CFT purposes, including transaction records and supporting evidence, are stored securely and retained for a minimum period of five years or as required by applicable law. All data processing complies with applicable data protection laws and the Nnph privacy policy. Access is limited to authorized personnel and protected against unauthorized disclosure or processing.

Governance and Oversight

The Nnph governance structure assigns clear responsibilities for AML/CFT controls. The Board approves policies, resources, and risk management frameworks; the Compliance Officer drafts and maintains policies, conducts risk assessments, and oversees monitoring, training, and reporting; Internal Audit conducts independent reviews and coordinates corrective actions as needed.

Education and Training

All employees receive AML/CFT training during onboarding and through ongoing programs. Training covers KYC procedures, monitoring systems, sanctions screening, and reporting obligations. Training outcomes are documented for audit and regulatory purposes.

Reporting and Cooperation with Authorities

Suspicious activities are escalated internally to the Compliance Officer and, where required by law, reported to the relevant authorities. The process includes keeping detailed case records, timely SAR filings, and cooperation with law enforcement or supervisory bodies as appropriate.

Policy Amendments

Nnph may amend this Policy at any time. Material changes will be communicated through standard channels. Continued use of the platform after notification indicates acceptance of updated terms.

Definitions

  • Anti Money Laundering AML
  • Counter-Terrorist Financing CFT
  • Know Your Customer KYC
  • Customer Due Diligence CDD
  • Enhanced Due Diligence EDD
  • Suspicious Activity Report SAR
  • Politically Exposed Person PEP
  • Sanctions screening
  • Transaction Monitoring
  • Geographical Risk
AE SexyPragmatic PlayAllBetWM CasinoPlay'n GOSA GamingSpribePG SoftSpadegamingKA GamingJDB GamingJILI GamesPlaystarEvolutionSexy GamingHacksaw GamingDream GamingCQ9 GamingFa Chai Gaming