Web Analytics Made Easy - Statcounter

TransFi's Privacy Policy

Last Updated: May 2022

1. What is the objective of TransFi’s privacy policy?

The objective of TransFi’s (Trans-Fi Inc.) privacy policy is to commit to protecting the privacy of visitors to our website and our customers.  Please read this carefully as this policy is legally binding when you use our Services. For the purpose of the relevant data protection regulations, TransFi is the “data controller” of your information.

This Privacy Policy describes how we collect, use, handle and, under certain conditions, disclose your personal data, when you access our services, which include our content on the website located at www.transfi.com or any other websites, pages, features, or content we own or operate (collectively, the “Website (s)”), or any TransFi API or third party applications relying on such an API, and related services (referred to collectively hereinafter as “Services”).

This Privacy Policy also explains the steps we have taken to secure your personal information. Finally, this Privacy Policy explains your options regarding the collection, use and disclosure of your personal information. By visiting the site, you accept the practices described in this privacy policy for the site.

If you have any questions about this policy, please send them to support@transfi.com

2. What personal Information do we collect from you?

Personal information means any data which relates to a living individual who can be identified from that data, or from that data and other information which is in the possession of, or is likely to come into the possession of, TransFi (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of TransFi or any other person in respect of an individual. The definition of personal information depends on the relevant law applicable for your physical location. TransFi may collect and use the following data about you.

2.1 Information you provide to us

This includes information you provide to us in order to establish an account and access our Services. This information is either required by law (e.g. to verify your identity), necessary to provide the requested services (e.g. you will need to provide your bank account number if you would like to link that account to TransFi), or is relevant for our legitimate interests described in greater detail below.

The nature of the Services you are requesting will determine the kind of personal information we might ask for, but may include:

  • Identification Information: Full name, date of birth, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email;
  • Formal Identification Information: Government issued identity document such as Passport, Driver's License, National Identity Card, State ID Card, Tax ID number, passport number, driver's license details, national identity card details, visa information, and/or any other information deemed necessary to comply with our legal obligations under financial or Anti-Money Laundering laws;
  • Institutional Information: Employer Identification number (or comparable number issued by a government), proof of legal formation (e.g. Articles of Incorporation), personal identification information for all material beneficial owners;
  • Financial Information: Bank account information, payment card primary account number (PAN), transaction history, trading data, and/or tax identification;
  • Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount and/or timestamp;
  • Employment Information: Office location, job title, and/or description of role; or
  • Correspondence: Survey responses, information provided to our support team or user research team.

2.2 Information we collect automatically or generate about you

This includes information we collect automatically, such as whenever you interact with the Sites or use the Services. With regard to your use of our Services we may automatically collect the following information:

  • Details of the transactions you carry out when using our Services, including geographic location from which the transaction originates;
  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser name, type and version, time zone setting, browser plug-in types and versions, operating system, geolocation/tracking details and platform;
  • Information about your visit, including the authentication data, security questions, full Uniform Resource Locators (URL) clickstream to, through and from our Website or App (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any email used to contact us.
  • Cookies and other Technology. Like many websites, the website employs cookies, location-based services and web beacons (also known as clear GIF technology or “action tags”) to speed your navigation of the Site, recognize you and your access privileges, and track your usage. Please read our Cookie Policy for more information.

2.3 Information collected from third parties

We may receive information about you if you use any of the other websites we operate or the other services we provide This includes information we may obtain about you from third party sources. The main types of third parties we receive your personal information from are:

  • Public Databases, Credit Bureaus & ID Verification Partners in order to verify your identity in accordance with applicable law. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information may include your name, address, job role, public employment profile, credit history, status on any sanction’s lists maintained by public authorities, and other relevant data;
  • Blockchain Data to ensure parties using our Services are not engaged in illegal or prohibited activity and to analyze transaction trends for research and development purposes;
  • Marketing Partners & Resellers so that we can better understand which of our Services may be of interest to you;
  • The banks/ financial service providers you use to transfer money to us will provide us with your basic personal information, such as your name and address, as well as your financial information such as your bank account details;
  • Business partners may provide us with your name and address, as well as financial information, such as card payment information; and
  • Advertising networks, analytics providers and search information providers may provide us with pseudonymised information about you, such as confirming how you found our website.

3. How do we use your personal information?

We may use your information in the following ways and for the following purposes:

(a) Internal Use: We use your personal information to provide you with our services. We may internally use your personal information to improve the Site’s content and layout, to improve our outreach and for our own marketing efforts (including marketing our services to you), and to determine general information about visitors’ usage behavior to the Site. We require certain information such as your identification, contact and payment information. Third parties that we use such as identity verification services may also access and/or collect your personal information when providing identity verification and/or fraud prevention services. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. The consequences of not processing your personal information for such purposes is the termination of your account.

(b) Communications with You: According to your preferences and in compliance with applicable law, we may send you marketing communications to inform you about events, to deliver targeted marketing and to share promotional offers. If you are a new customer, we will contact you by electronic means for marketing purposes only if you have consented to such communication. If you do not want us to send you marketing communications, please go to your account settings to opt-out or submit a request via support@transfi.com.

We may send you service updates regarding administrative or account-related information, security issues, or other transaction-related information. These communications are important to share developments relating to your account that may affect how you can use our Services. You cannot opt-out of receiving critical service communications.

We also process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.

(c) To maintain legal and regulatory compliance: TransFi needs to process your personal information in order to comply with Anti-Money Laundering and security laws. In addition, when you seek to link a bank account to your TransFi account, we may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. We may be required to disclose certain information in response to requests from law-enforcement officials conducting investigations; subpoenas; a court order; or if we are otherwise required to disclose such information by law. We also will release personal information where disclosure is necessary to protect our legal rights, enforce other agreements, or to protect ourselves or others. For example, we may share information to reduce the risk of fraud or if someone uses or attempts to use the website for illegal reasons or to commit fraud. We also process your personal information in order to help detect, prevent, and mitigate fraud and abuse of our Services and to protect you against account compromise or funds loss. If you do not provide personal information required by law, we will have to close your account.

(d) External Use: We disclose information to our service providers to help enable them to perform services on your behalf. For example, in order to purchase and custody cryptos & or virtual digital assets, we must share some information with third parties, such as your name, email address, physical address, social security number, date of birth, government-issued identification and the amount of cryptos & or virtual digital assets being purchased. Similarly, when we obtain bank account information for ACH transaction and credit card or debit card information, a third-party receives that information to process the payment in connection with the sale of cryptos & or virtual digital assets. Even when you ask us to remember your bank account information, or credit card or debit card information, we do not store sensitive payment data such as the entire credit card number and CVV. Rather, we pass the payment data to the third-party processor and receive back from them a token that does not contain the sensitive data. We do retain non-sensitive payment data used to identify a payment such as the last four digits of a card number and expiration date.

We may share non-personal information (such as the number of daily visitors to the website or the size of an order placed on as certain date) with third parties. This information does not directly personally identify you or any user. For the avoidance of doubt, any IP addresses or a device or other identifier we collect may be shared with one or more third parties.

(e) In our legitimate business interests: Sometimes the processing of your personal information is necessary for our legitimate business interests, such as:

  • quality control and staff training;
  • to enhance security, monitor and verify identity or service access, and to combat spam or other malware or security risks;
  • research and development purposes;
  • to enhance your experience of our Services and Sites; or
  • to facilitate corporate acquisitions, mergers, or transactions.

4. Do we disclose your personal information to third parties?

We allow your personal information to be accessed only by those who require access to perform their work and share it only with third parties who have a legitimate purpose for accessing it. TransFi will never sell or rent your personal information to third parties without your explicit consent. We will only share your personal information with the selected third parties including:

  • Identity verification services to prevent fraud. This allows TransFi to confirm your identity by comparing the information you provide us to public records and other third-party databases;
  • Financial institutions which we partner with to process payments you have authorized;
  • Affiliates, business partners, suppliers and sub-contractors for the performance and execution of any contract we enter into with them or you;
  • Advertisers and advertising networks solely to select and serve relevant adverts to you and others;
  • Analytics and search engine providers that assist us in the improvement and optimisation of our site;
  • Companies or other third parties in connection with business transfers or bankruptcy proceedings;
  • Companies or other entities that purchase TransFi assets;
  • Law enforcement, regulators, or any other third parties when we are compelled to do so by applicable law or if we have a good faith belief that such use is reasonably necessary, including to protect the rights, property, or safety of TransFi, TransFi customers, third party, or the public; comply with legal obligations or requests; enforce our terms and other agreements; or detect or otherwise address security, fraud, or technical issues; and
  • If you authorize one or more third-party applications to access your TransFi Services, then information you have provided to TransFi may be shared with those third parties. A connection you authorize or enable between your TransFi account and a non-TransFi account, payment instrument, or platform is considered an “account connection.” Unless you provide further permissions, TransFi will not authorize these third parties to use this information for any purpose other than to facilitate your transactions using TransFi Services. Please note that third parties you interact with, should have their own privacy policies and TransFi is not responsible for their operations or their use of data they collect.

Examples of account connections include:

Merchants: If you use your TransFi account to conduct a transaction with a third-party merchant, the merchant may provide data about you and your transaction to us.

Your financial services providers: For example, if you send us funds from your bank account, your bank will provide us with identifying information in addition to information about your account in order to complete the transaction.

5. Do we link to other sites?

Our website may contain links to other websites for your convenience or information. These websites may be operated by companies unaffiliated with TransFi, and we are not responsible for the content or privacy practices of those websites. Linked websites may have their own terms of use and privacy policies, and we encourage you to review those policies whenever you visit the websites.

6. How do we protect and store personal information?

TransFi implements and maintains reasonable measures to protect your information. Customer files are protected with safeguards according to the sensitivity of the relevant information. Reasonable controls (such as restricted access) are placed on our computer systems.

TransFi is an international business with operations in multiple countries. This means we may transfer to locations outside of your country. When we transfer your personal information to another country, we will ensure that any transfer of your personal information is compliant with applicable data protection law.

We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the US and elsewhere in the world where our facilities or service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.

As a condition of employment, TransFi’s employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive personal information is limited to those employees who need to it to perform their roles. Unauthorized use or disclosure of confidential customer information by a TransFi employee is prohibited and may result in disciplinary measures.

Finally, we rely on third-party service providers for the physical security of some of our computer hardware. We require those third-party service providers to comply with commercially reasonable security practices and measures. For example, when you visit our website, you access servers that are kept in a secure environment. While we use industry-standard precautions to safeguard your personal information, we cannot and do not guarantee complete security. 100% complete security does not exist anywhere online or offline. As such, you assume the risk of security breaches and all consequences resulting from them. To that end, please safeguard your credentials.

If we anonymize your personal information so that it can no longer be associated with you, it will no longer be considered personal information, and we can use it without further notice to you.

We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, TransFi will require the user to close his or her account and will not allow the user to continue using our Services. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.

We retain the personal information we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected and to perform our contractual and legal obligations. Not with standing the generality of the foregoing, we store email addresses and phone numbers until the user requests to be unsubscribed or removes themselves through any self-service tools offered to the user. 

7. Do we do any profiling and automated decision making?

We may use some instances of your data in order customise our services and the information we provide to you, and to address your needs - such as your country of address and transaction history. For example, if you frequently send funds from one particular currency to another, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected - and we only use pseudonymised data wherever possible. This activity has no legal effect on you.  

8. What are your privacy and information access rights?

Depending on applicable law of where you reside, you may be able to assert certain rights related to your personal information. These rights include:

  • the right to obtain information regarding the processing of your personal information and access to the personal information which we hold about you;
  • the right to withdraw your consent to the processing of your personal information at any time. Please note, however, that we may still be entitled to process your personal information if we have another legitimate reason for doing so (for example, we may need to retain personal information to comply with a legal obligation);
  • in some circumstances, the right to receive some personal information in a structured, commonly-used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided directly to TransFi;
  • the right to request that we rectify your personal information if it is inaccurate or incomplete;
  • the right to request that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information, but we are legally entitled to retain it;
  • the right to object to, or request that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request;
  • the right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us; and
  • the right to transfer your personal data between data controllers, for example, to move your account details from one online platform to another.

Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites. Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction.

Subject to applicable laws, you may have the right to access information we held about you. Your right of access can be exercised in accordance with the relevant data protection legislation.

9. How often is the Privacy Policy updated?

We may update this Privacy Policy from time to time and without prior notice to you to reflect changes in our information practices, and any such amendments shall apply to information already collected and to be collected. Your continued use of the website after any changes to this Privacy Policy indicates your agreement with the terms of the revised Privacy Policy. Please review this Privacy Policy periodically and especially before you provide personal data to us. If we make material changes to this Privacy Policy, we will notify you here, by email or by means of a notice on the home page the website. The date of the last update of the Privacy Policy is indicated at the top of this document.

10. How can you contact us regarding any privacy issues?

TransFi is headquartered at:

100 Ashley Drive,
Suite 600,
Tampa, FL 33602,
USA

If you have questions or concerns regarding this Privacy Policy, please contact us at support@transfi.com

TransFi AML KYC policy

Last updated: May 2022

The guidelines contained in this reference intend to provide guidance to Trans-Fi Inc. Staff and its customers, regarding practices and standards that Trans-Fi Inc. (TransFi) expect to have in place, in order to detect and prevent money laundering and terrorist financing; identify and report suspicious activity; comply with anti-terrorism and sanctions laws and regulations; and other relevant international laws.

1. POLICY STATEMENT AND OBJECTIVES

TransFi have created this Compliance Policy Guide to:

  • Assist its employees in complying with the laws, rules and regulations across jurisdictions in our collective effort to ensure that the services that TransFi provides are fully compliant;
  • Put in place appropriate systems and controls to ensure compliance with policies;
  • Develop a risk-based approach to manage money-laundering and terrorist financing risk;
  • Set clear customer due diligence procedures, including Identification & Verification (ID&V) and KYC, and providing guidance when enhanced due diligence is required;
  • Conduct transaction monitoring to detect unusual and suspicious activity and to report to local supervisory authorities; and
  • Take appropriate measures to freeze or close relationships to mitigate financial crime risk.

This Guide, coupled with internal controls, independent compliance testing and appropriate training, are the key segments of TransFi’s Anti-Money Laundering (AML) and Know-Your-Customer & Business (KYC/KYB) policies.

The greatest risk faced by TransFi lies in the broad area of money laundering. A failure to comply with government rules and requirements can lead to civil fines and penalties, the seizure and forfeiture of bank accounts and other assets, and criminal prosecution. These legal actions can, potentially, be applied to TransFi and/or responsible officers and employees as well as, any duly authorized Customers, to whom we provide services. Also critically important is the ability of TransFi to maintain sound banking relationships that are an absolute requisite for successful business functionality.

Money laundering is the process of causing financial transactions to take place, with the proceeds of criminal activity in such a manner as to conceal the source, illicit origin, or true ownership of the asset. The transactions may also include assisting or facilitating criminal activities such as terrorist financing, drug and human trafficking, proliferation of weapons of mass destruction, corruption & bribery, amongst others.

In order to not be caught committing such illegal activities, criminal groups or individuals do not want to be identified and will seek to conduct transactions in such a way as to defeat these reporting requirements. Given these facts, compliance with “Know Your Customer” & Know Your Business (KYC & KYB) become an unquestionable requirement. As we customize and provide services to financial institutions, these requirements become subject to the strictest adherence.

TransFi’s AML/KYC & KYB policy covers the following elements:

  • Customer Due Diligence which includes Identification & Verification requirements (ID&V), Know Your Customer and Business as well as Enhanced Due Diligence (EDD) when required;
  • TransFi Compliance department;
  • Risk Management;
  • Transaction Monitoring;
  • Customer Compliance Program;
  • Prohibited Customer Types;
  • Law enforcement requests; and
  • Conclusions.

2. KNOW YOUR CUSTOMER & IDENTIFICATION & VERIFICATION REQUIREMENTS

KYC laws have been a standard AML obligation around the world for decades and were introduced in the United States in 2001 with the USA Patriot Act1 in order to help detect and prevent terrorism financing activities.

TransFi is an international services provider in a host of countries within which it provides its services. Regulatory requirements across the world require customer due diligence as a critical tool to preventing illegal activity. TransFi has set up data collection, verification, analytics, investigation and reporting processes within the standards of Anti-Money Laundering regulations through its “Know Your Customer (KYC/KYB)” framework. Key elements of this framework are

A. Identification& Verification (ID&V)

To maintain practical policies concerning the need to “Know Your Customer” the business must verify the identity of its customers/ Users. For individual users this includes name and address. A single form of verification may be accepted like a valid Government issued document accurately contains the users name and date of birth for individuals. The same can be verified thru electronic verification means. Acceptable forms of identification for an Individual user would vary by country of operation and include one or more of the following:

  • National ID;
  • Driver’s license;
  • Passport;
  • Residence permit for a foreign national;
  • Any other acceptable ID allowed by regulation in the geography (e.g. PAN card in India); and
  • Valid Address document like a Utility bill/bank statement (could be any of the above if they have the complete address not merely a PO Box).

Similarly Acceptable forms of identification for a customer or a corporate (KYB) would include the following:

  • Proof of registration- Company Registration /Incorporation;
  • Shareholder Certificates (>25%) mandatory;
  • Valid Certificate of Incumbency (Signed by all necessary beneficiaries) - Clearly listing the ownership percentage of all current directors, officers and key stakeholders (last 6months to one year);
  • Memorandum of Association (MOA) & Articles of Association (AOA) wherever applicable- Theses document sets out how a company is operated, governed and owned and the extent of Authority/ powers key executives hold;
  • Official address or Principal business address (proof of address);
  • EIN / TIN;
  • All ID docs for natural persons owning >25% of the legal entity and any natural person who is a controlling person or the Ultimate Beneficial Owner (UBO). All the company’s beneficiaries (that own 25% or more) will need to individually complete the KYC process; and
  • Ref to the list of documents listed for individuals above.

TransFi will take steps to confirm the authenticity of documents and information provided by users and customers, including verification with regulatory / government sources, and running analytics. Identification information taken above will be collected, stored, shared and protected strictly in accordance with TransFi’s Privacy Policy related regulations.

Once the identity has been verified, TransFi is no longer legally liable in a situation where its products & services are used to conduct illegal activities.

B. Enhanced Due Diligence (EDD)

TransFi reserves the right to flag users & customers presenting a higher risk (e.g. politically exposed persons – PEPs) and request additional documents & verification. If an EDD requires an investigation, TransFi will take any such measures as deemed fit. If the enhanced due diligence is not complied with to TransFi’s satisfaction, we reserve the right to reject such users & customers from onboarding to TransFi’s products & services. TransFi will also be within its rights to report any failed EDD instances to law enforcement authorities, as deemed appropriate.

C. Ongoing monitoring

TransFi will have the right to verify the identity of users and customers on an ongoing basis, especially if there has been any change in the identification information or their activities are deemed suspicious. Such activities could include, though not limited to, changes in customer information, address, ownership, and activities wherein KYC details will be updated on an ongoing basis. TransFi reserves the right to ask such users for updated KYC documents, even if they have been successfully verified in the past.

D. Acceptable sources of funds

TransFi acceptable sources of funds would include internationally accepted payment methods, that the company may from time to time allow. These include:

  • Bank accounts;
  • Credit cards;
  • Debit cards;
  • US wire;
  • International wire;
  • US ACH;
  • Standard local payment methods (e.g., UPI in India, Go Pay in Indonesia, Pay Pay in Japan etc.); and
  • SEPA.

TransFi reserves the right to block transactions from any sources of funds that are known beneficiaries of corruption & illegal activities.

E. Transaction blocking

TransFi is prohibited from transacting with individuals, companies and countries that fail KYC or are on prescribed sanction lists. As such, TransFi will block transactions of users & customers that:

  • Fail KYC at any point in time;
  • Are on prescribed sanctions list (e.g.,OFAC); and
  • Are in sanctioned jurisdictions as per United Nations, US, European Union, and UK Treasury.

3. TransFi Compliance Department

TransFi has established a Compliance Department that is headed by a designated Compliance Officer, who is tasked to ensure implementation and enforcement of the AML / KYC policy. With support and oversight of transactional and administrative practices, the Compliance Officer is responsible to supervise all aspects of TransFi’s Anti Money Laundering and Counter-Terrorist Financing policies and ensures compliance with laws and regulations.

The scope of Compliance department’s efforts includes, but not limited to the following:

  • Collecting user’s identification information & conducting relevant checks as appropriate;
  • Establishing and updating internal policies and procedures for the completion, review, submission and retention of all reports and records required under the applicable laws and regulations;
  • Monitoring transactions and investigating any significant deviations from normal activity;
  • Implementing a records management system for appropriate storage and retrieval of documents, files, forms and logs;
  • Conducting a business risk assessment on a periodic basis; and
  • Providing law enforcement with information as required under the applicable laws and regulations.

The Compliance Officer is also empowered to interact with law enforcement in connection with prevention of any money laundering, terrorist financing and other illegal activities.

4. Risk Management

Risk assessment is a process, whereby a methodology is maintained to identify and measure the inherent financial crime risk to which the firm is exposed, assess the coverage of controls to mitigate these risks and determine the residual levels. This is done in order to estimate the threat to compliant practices, as TransFi provides services to its customers, are calculated; and as may be necessary, eliminated, reduced or controlled. The main purpose of risk assessment is to identify transactions that may threaten to take advantage of compliance vulnerabilities and evaluate the risks presented, to effectively conduct the elimination of such threats.

TransFi has adopted a risk-based approach to combating money laundering and terrorist financing. This approach applies both to individual transactions and TransFi customers. By adopting a risk-based approach, TranFi is able to ensure that measures taken are commensurate to the identified risks, thereby enabling efficient allocation of resources. This principle also ensures that the greatest risks receive the highest attention.

The Business AML risk assessment will cover at minimum all markets where TransFi has business presence, all aspects of the business and AML related processes.

5. Transaction Monitoring

Regulations across jurisdictions require TransFi to monitor and analyze transactions of both individual users and customers. TransFi uses a comprehensive approach of transaction monitoring including, but not limited to:

  • Daily check of users against recognized “blacklists” (e.g. OFAC or any other Specially Designated National (SDN) list as prescribed in other jurisdictions), aggregating transfers by multiple data points, placing users on watch and service denial lists, opening cases for investigation where needed, sending internal communications and filing out statutory reports, if applicable;
  • Regular filing of reports such as Currency Transaction Reports, Filing Suspicious Activity Reports;
  • Requesting users and customers for any additional information and documents in case of suspicious transactions, including suspending or terminating accounts when TransFi has reasonable suspicion of illegal activity;
  • Maintaining a record of all transactions as required by the respective regulatory authority in their respective countries or for a period dictated by laws and regulations in the jurisdiction which they operate; and
  • During the term of the relationship with a customer, or given the case that there is cause for its termination to be considered, TransFi will provide reasonable notice to the customer, in order to inspect and review the customer’s books and records relating to the matter at hand.

TransFi’s transaction monitoring process involves data capture & analysis, record keeping, investigation management & reporting. In addition, the Compliance Officer is authorized to take any appropriate actions to ensure compliance with laws & regulations.

6. Customer Compliance Program

Essential to TransFi’s ability to comply with secrecy & privacy rules and regulations and to ensure that the company does not become associated with illicit activities, an effective internal compliance program is a must. The Customer Compliance Program should include:

  • A system of internal controls to ensure ongoing compliance with laws, rules and regulations in the jurisdiction of operation;
  • Independent testing of compliance with established policies and procedures; and
  • Training of all employees under TransFi and its subsidiaries.

These items are the basic elements of a sound compliance program that all money services businesses, which includes TransFi and its customers must have.

7. Prohibited Customer Types

Transfi will. Not establish business relationships with customer who pose serious money laundering risks as it fall outside the firms risk appetite. Transfi will not under any circumstances accept the following types of customers.

  • Known beneficiaries of Corruptions or Illegal Activities;
  • Shell company’s/shell banks;
  • Unregulated casinos;
  • Incomplete CDD;
  • Unregulated money transmitters; and
  • Customers with bearer shares in the ownership structure.

8. Law Enforcement Requests

Government regulators and law enforcement agencies may seek information and records from time to time. Any person associated or connected with our company, who receives or is served with a summons, subpoena or court order related to TransFi business should immediately contact the TransFi Compliance Department for further assistance.

The company will assist entities in their investigations, provided the request(s) is / are conducted in a lawful manner.

Examinations by the IRS as representatives of FINCEN and other local regulatory bodies

The IRS are empowered by law to conduct spot checks and detailed examinations to determine whether registered money services businesses are complying with the Bank Secrecy Act and laws. Attention is normally focused on transaction reporting and record keeping requirements. In fulfilling this requirement, The IRS are entitled to see all subject records and TransFi will always comply with the examination process.

If a customer is subject to an examination with the IRS, TransFi will require the customer share the results of the audit.

Similarly, for jurisdictions outside the US, if a customer is subject to an examination by an equivalent local regulatory body, TransFi will always comply with the examination process.

For any law enforcement requests, please direct your official document to our Compliance team at compliance@transfi.com

9. Conclusions

TransFi is compelled by policy to operate in a legal and responsible manner. The company will remain compliant, in all aspects, with all laws, rules, regulations across jurisdiction’s, as well as, extend its full cooperation to law enforcement and regulatory authorities, maintain records, as per regulatory requirements and in accordance with TransFi’s policies and procedures.

TransFi will not tolerate that its reputation and the sound business practice the company has developed and implemented be put in jeopardy.

TransFi expects its customers to do their part to ensure full compliance with all aspects and the spirit of this reference and TransFi’s Anti-Money Laundering policies and procedures, and support TransFi as it strives to maintain its progressive stance in the industry.

1The USA Patriot Act requires all financial institutions to develop and implement their own AML program and emphasizes a number of mandatory checks and screening capabilities. Accordingly, a firm’s USA Patriot Act Anti-Money Laundering program must be built around the following criteria:

  • The company must develop internal Anti-Money Laundering policies, procedures, and controls;
  • An AML Compliance Officer must be appointed to oversee the Anti-Money Laundering program;
  • Employees must receive ongoing Anti-Money Laundering training; and
  • The Anti-Money Laundering program must be independently audited regularly.

2The Financial Action Task Force (FATF) defines UBO as “the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.” UBO is defined as the below.

  • Owing >= 25% of share capital;
  • Exercise at least 25% of voting rights;
  • Beneficiaries of at least 25% of an entity’s capital;
  • Persons with power of attorney;
  • Guardians of minors;
  • Corporate directors or nominee directors that are appointed to conceal the true owners of a given firm; and
  • Shareholders, including the holders of bearer shares that may be transferred anonymously.

TransFi's Security policy

Last updated: July 2022

Security and privacy are main priorities for TransFi. Our security policies and measures are constantly reviewed to ensure they are up to date and compliant with the industry standards.

Data Encryption

All data sent to or from TransFi's infrastructure is encrypted in transit using Transport Layer Security (TLS) version 1.2 or later, and secured against downgrade attacks using a robust HTTP Strict Transport Security (HSTS) policy. 

All TransFi data is encrypted at rest using AES-256 block-level storage encryption and stored in ISO27001 and PCI DSS compliant datacenters.

Business Continuity and Disaster Recovery

TransFi backs up its critical assets and are encrypted using AES with 256-bit keys and stored in ISO27001 and PCI DSS compliant datacenters.

Secure Development

TransFi has at its disposal processes and tooling that enables us to continuously deliver secure software to our cloud infrastructure and applications.

  • All code changes go through a code review process and require at least one approval from a different member of the engineering team.
  • TransFi's security team works hand in hand with the engineering teams to provide assistance during the different stages of the software development lifecycle (SDLC).

Security Monitoring and Protection

  • We use security monitoring solutions to obtain visibility into our organization security, identify attacks and quickly respond to security incidents.
  • We use error monitoring, alerting and anomaly detection technologies in all our production systems.
  • We collect logs and retain them during at least one year, to provide an audit trail of our systems activity.

Internal security

TransFi employees are required to use company-provided devices that are managed through a mobile device management solution. This allows our security and IT teams to enforce security policies, deploy other endpoint protection solutions and wipe devices remotely.

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.