Anti-Money Laundering & Counter-Financing of Terrorism Policy

Effective Date: April 2026 | Version 1.0

1. Introduction

PlutoPay is a financial technology platform developed and operated by Pluto Technology Solutions Limited. We are committed to combating money laundering, terrorist financing, and other financial crimes. This AML/CFT Policy outlines our procedures to detect, prevent, and report suspicious activities in compliance with the Money Laundering (Prevention and Prohibition) Act, 2022 (Nigeria), the Central Bank of Nigeria (CBN) AML/CFT Regulations, and the Financial Action Task Force (FATF) recommendations.

This policy applies to all PlutoPay users, employees, and third-party partners.

2. Risk Assessment

PlutoPay conducts ongoing risk assessments based on:

  • Customer identity and jurisdiction
  • Transaction volume and velocity
  • Source of funds
  • Geographic location (high-risk vs low-risk countries)
  • Use of cryptocurrency features

High-risk customers undergo Enhanced Due Diligence (EDD).

3. Customer Due Diligence (CDD) & KYC

PlutoPay implements a tiered KYC verification system:

  • Basic Tier: Phone number, email address, full name
  • Intermediate Tier: Face ID verification (liveness detection)
  • Premium Tier: Government-issued ID (Passport, National ID, Driver's License)

All users are verified before conducting transactions above ₦50,000 ($30 USD equivalent).

4. Transaction Monitoring

PlutoPay employs automated AI-powered transaction monitoring to detect suspicious patterns including:

  • Unusually large transactions relative to user history
  • Rapid successive transactions (velocity)
  • Transactions to/from high-risk jurisdictions
  • Structuring (splitting transactions to avoid reporting thresholds)
  • Transactions with known suspicious addresses or entities

Monitoring occurs in real-time using our SmartPinRiskEngine and AI Fraud Detection systems.

5. Reporting Thresholds

PlutoPay reports the following transactions to the Nigerian Financial Intelligence Unit (NFIU) as required by law:

  • Cash transactions: ₦5,000,000 (or equivalent in foreign currency)
  • Suspicious transactions: Any amount, regardless of threshold
  • International wire transfers: $1,000 or equivalent
  • Crypto transactions: $10,000 or equivalent

Reports are filed within 7 days of detection as required by NFIU guidelines.

6. Suspicious Activity Reporting (SAR)

Any employee who detects suspicious activity must file an internal report to the Compliance Officer within 24 hours. The Compliance Officer will determine whether to file a Suspicious Activity Report (SAR) with the NFIU.

Indicators of suspicious activity include:

  • Reluctance to provide KYC information
  • Use of multiple accounts or aliases
  • Transactions inconsistent with user profile
  • Attempts to circumvent monitoring
  • Known or suspected links to criminal activity

7. Record Keeping

PlutoPay maintains all transaction and KYC records for a minimum of five (5) years after account closure, in compliance with Nigerian law. Records include:

  • Customer identification documents
  • Transaction histories and receipts
  • SAR filings and internal reports
  • Communication logs with customers
  • Audit trails of all system access

8. Employee Training

All PlutoPay employees undergo mandatory AML/CFT training upon hiring and annually thereafter. Training covers:

  • Identifying red flags and suspicious activity
  • Proper KYC/CDD procedures
  • Reporting obligations and confidentiality requirements
  • Consequences of non-compliance

Training records are maintained for inspection by regulators.

9. Compliance Officer

PlutoPay has appointed a designated AML/CFT Compliance Officer responsible for:

  • Overseeing AML/CFT policy implementation
  • Receiving and reviewing internal suspicious activity reports
  • Filing SARs with NFIU
  • Liaising with law enforcement and regulators
  • Conducting periodic policy reviews

Contact the Compliance Officer: compliance@plutopay.com

10. Prohibited Activities

The following activities are strictly prohibited on PlutoPay:

  • Money laundering or terrorist financing
  • Transactions involving sanctioned individuals or entities
  • Use of proceeds from illegal activities (drug trafficking, fraud, corruption, etc.)
  • Circumventing AML/CFT controls
  • Providing false or misleading KYC information

Violations will result in immediate account termination and reporting to relevant authorities.

11. Third-Party VASP Compliance

PlutoPay partners exclusively with licensed Virtual Asset Service Providers (VASPs) who maintain their own AML/CFT programs, including:

  • Quidax (licensed in Nigeria)
  • Paystack (licensed payment gateway)
  • Flutterwave (licensed payment gateway)

PlutoPay conducts due diligence on all partners and requires proof of their regulatory licenses.

12. Penalties for Non-Compliance

Failure to comply with this AML/CFT policy may result in:

  • Account suspension or termination
  • Reporting to NFIU, EFCC, or other regulatory bodies
  • Legal action including criminal prosecution
  • Asset freezing or seizure

PlutoPay reserves the right to withhold funds pending regulatory review or investigation.

13. Policy Review

This AML/CFT Policy is reviewed annually or whenever significant regulatory changes occur. Updates are communicated to users via platform notification and email.

Last reviewed: April 2026

14. Contact Information

For AML/CFT-related inquiries:

By using PlutoPay, you acknowledge that you have read and understood this AML/CFT Policy.