Betur Inc.

/DCPay
AMLA Audit FY2023 - Questions

Area / Activity No.

Compliance Officer 1
Internal Audit 2
3
4
Institutional Risk Assessment 5
6
7
Trainings 8
9
10
Record-Keeping and Documen 11
12
13
14
Customer Risk Assessment 15
16
17
18
19
Reporting 20
21
 Questions
Currently, who is your Chief Compliance Officer (CCO) and your AML Officer (AMLO)?
Do you have internal audit team that ensures compliance to AMLA procedures and policies?
How often do you conduct internal audit related to AMLA or MTPP to ensure that the company meets the standard
policies
How areandthe procedures
findings andand is compliant with
recommendations the regulatory?
monitored until resolution?
Have you performed Institutional Risk Assessment? lf yes, when was this conducted?
Have you documented the risk assessment and findings? If yes, please provide findings and/or recommendations that
were
Who noted in the
performs riskmost recent Institutional
assessment Risk Assessment.
related to AMLA?
What are the AMLA related trainings and/or webinars attended by AML Officer/Compliance Office FY2023?
Other than the AML Officer, do you conduct continuous education and training programs to the Directors, Officers and
Employees,
Do you providewhether internally
refresher or externally organized?
programs?
Every when
Where are therefresher
records ofprograms conducted?
the customers maintained and stored?
Who is responsible in safe-keeping the customers records and data?
How often do you update documents/records of customers?
Who initiates updating records of customers? What is your procedure in updating customers information including
documents
Do you allow andminors
photos?to create account on coin.ph or coinspro?
If no, what is your control in placed in verifying the authenticity if the customer is not giving a fake information and
document?
What tool or system do you use to tag or flag any suspicious activities and transactions of the customer?
In relation to #17 question, what is the function of this system? Who is/are authorized to access the system?
How do you screen or monitor the customer that makes multiple transactions and makes withdrawals or deposits on a
staggered basis within
Who is authorized 24-hourtoperiod?
or allowed access and file CTR or STR through AMLC Portal?
Every when do you file Covered Transaction Report (CTR) and Suspicious Transaction Report (STR)?
 Response(s)
CCO - Robert De Guzman
AMLO
Yes - Macky Magdamit
Annually
Audit observations and recommendations are communicated to control/issue
owners
Yes. 2023and are logged to the audit issue monitoring log. Status of action
plans committed by the control/issue owners are monitored by the IA team
Yes. Findings
to check are documented
the progress in the IRA
of the resolution report.
of the audit observations and/or the
Risk Team
AMLA Trainings from AMLC
Trainings
Yes. 2023.from ARCCO
Annually.
Digitally stored under the DIGICUR
Betur, Inc.
3 to 5 years depending on the risk level
Betur, Inc.
No.
Submission of Valid ID and Selfie
Elliptic and other system/manual flags
For Elliptic - the VA assessment team
We have set of system flags that considers the volume and velocity of the
transactions
AML Reporting of our custoemrs
Team
Within 5 days (CTR) and 60 days (STR)