Company in Lithuania
email

Anti-Money Laundering and Counter-Terrorist Financing Policy

1. Introduction and Purpose

This Anti-Money Laundering and Counter-Terrorist Financing Policy (hereinafter: the “Policy”) has been adopted by Company in Lithuania UAB (hereinafter: the “Company”, “we”, or “us”), a private limited liability company incorporated in the Republic of Lithuania under registration number 304377400, with its registered address at Lvovo g. 25–104, Vilnius, 09320, Lithuania.

The Policy sets out the Company’s commitment to the prevention of money laundering and terrorist financing in all aspects of its business activities, and establishes the internal framework, controls, and procedures through which that commitment is implemented.

1.1 Legal Basis

This Policy has been adopted in compliance with the following legislation and regulatory instruments:

  • Law of the Republic of Lithuania on the Prevention of Money Laundering and Terrorist Financing (Lietuvos Respublikos pinigų plovimo ir teroristų finansavimo prevencijos įstatymas — PPTFPĮ), as amended;
  • Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (Fourth Anti-Money Laundering Directive — 4AMLD), as amended by Directive (EU) 2018/843 (Fifth Anti-Money Laundering Directive — 5AMLD);
  • Financial Action Task Force (FATF) Recommendations on combating money laundering and terrorist financing;
  • Recommendations and guidelines issued by the Financial Crime Investigation Service of the Republic of Lithuania (Finansinių nusikaltimų tyrimo tarnyba — FNTT);
  • Regulation (EU) 2015/847 on information accompanying transfers of funds;
  • All other applicable European Union and Lithuanian Republic legislation relating to the prevention of money laundering and terrorist financing in force from time to time.

1.2 Scope of Application

This Policy applies to:

  • All directors, employees, consultants, and agents of the Company;
  • All services provided by the Company, including company incorporation and registration services, legal advisory services, accounting and bookkeeping services, corporate services, financial licensing advisory, and all other services offered to clients;
  • All business relationships and occasional transactions entered into by the Company with its clients, counterparties, and third parties.

The Company acknowledges that, as a provider of legal, accounting, and corporate services to business clients, it qualifies as an obliged entity (įpareigotasis subjektas) within the meaning of Article 2 of the PPTFPĮ and is accordingly subject to the full scope of AML/CTF obligations established by that law.

2. Definitions

For the purposes of this Policy, the following terms have the meanings set out below:

2.1 Aml/Ctf

Anti-Money Laundering and Counter-Terrorist Financing.

2.2 Beneficial Owner (UBO)

The natural person(s) who ultimately own or control a legal entity, or on whose behalf a transaction or activity is being conducted, as defined in Article 2(9) of the PPTFPĮ, consistent with Article 3(6) of 4AMLD.

2.3 Business Relationship

A business, professional, or commercial relationship connected with the professional activities of the Company which is expected, at the time when contact is established, to have an element of duration.

2.4 Cdd

Customer Due Diligence — the process of identifying and verifying the identity of clients and their beneficial owners, and assessing the purpose and nature of the business relationship.

2.5 Edd

Enhanced Due Diligence — additional measures applied to higher-risk clients, relationships, and transactions, as required by Article 11 of the PPTFPĮ.

2.6 Fntt

Financial Crime Investigation Service (Finansinių nusikaltimų tyrimo tarnyba) — the competent supervisory authority for AML/CTF compliance for non-financial sector obliged entities in Lithuania.

2.7 Forsis

The FNTT’s electronic system for receiving and processing reports of suspicious transactions and activities.

2.8 Jadis

The Lithuanian Centre of Registers’ beneficial ownership register — Juridinių asmenų dalyvių informacinė sistema.

2.9 Mlro

Money Laundering Reporting Officer — the senior individual designated by the Company to receive internal suspicious activity reports and to file reports with the FNTT.

2.10 Money Laundering

Has the meaning assigned to it by Article 2(8) of the PPTFPĮ, consistent with Article 1(3) of 4AMLD — broadly, the conversion, transfer, concealment, disguise, acquisition, possession, or use of property known to be derived from criminal activity.

2.11 Pep

Politically Exposed Person — a natural person who holds or has held a prominent public function, as defined in Article 2(11) of the PPTFPĮ and Article 3(9) of 4AMLD.

2.12 Suspicious Transaction

Any transaction or attempted transaction which gives rise to a suspicion that money laundering or terrorist financing is being or has been committed, or that the funds are derived from criminal activity.

2.13 Terrorist Financing

The provision or collection of funds, directly or indirectly, with the intention that they should be used or in the knowledge that they are to be used to carry out terrorist acts, within the meaning of Article 2(10) of the PPTFPĮ.

3. Aml/Ctf Risk Assessment

3.1 Risk-Based Approach

The Company applies a risk-based approach to the prevention of money laundering and terrorist financing, as required by Article 12 of the PPTFPĮ. This means that the level of due diligence applied to any given client, business relationship, or transaction is proportionate to the assessed risk of money laundering or terrorist financing associated with that client, relationship, or transaction.

3.2 Risk Categories

The Company identifies and assesses risks across four primary dimensions:

3.2.1 Client Risk

Client risk is assessed based on factors including, but not limited to:

  • The client’s legal form and ownership structure;
  • The nationality and country of residence of the client’s beneficial owners;
  • Whether any beneficial owner, director, or authorised representative is a Politically Exposed Person;
  • The client’s business sector and the associated money laundering risks;
  • Whether the client is established, incorporated, or otherwise connected to a high-risk jurisdiction;
  • The source and transparency of the client’s wealth and funds;
  • The client’s prior relationship with the Company or other reputable professional service providers;
  • Adverse media or regulatory action relating to the client or its beneficial owners.

3.2.2 Geographic Risk

Geographic risk is assessed with reference to:

  • The FATF list of high-risk and other monitored jurisdictions;
  • The European Commission’s list of high-risk third countries under Article 9 of 4AMLD;
  • The client’s country of incorporation, the country of residence of its beneficial owners, and the countries in which it conducts its principal business activities;
  • Any country-specific risks identified in guidance issued by the FNTT or the Bank of Lithuania.

3.2.3 Service Risk

Service risk is assessed by reference to the nature of the services requested by the client, including:

  • Company formation and corporate secretarial services — elevated risk where the client seeks complex multi-jurisdictional structures or nominee arrangements;
  • Accounting and bookkeeping — elevated risk where the service involves access to and management of client funds or facilitates cross-border fund transfers;
  • Legal advisory — elevated risk where the service involves advice on transactions, restructurings, or arrangements that could be used to obscure the origin of funds;
  • Financial licensing advisory — elevated risk where the licensed activity will involve the handling of third-party funds;
  • Registered address and virtual office services — elevated risk where the service is used to create a misleading impression of business establishment.

3.2.4 Transaction Risk

Transaction risk factors include:

  • Transactions that appear inconsistent with the client’s known business profile;
  • Unusually large or complex transactions without apparent legitimate purpose;
  • Transactions involving cash or cryptocurrency without a clear business rationale;
  • Transactions where the source of funds is unclear or implausible;
  • Requests for services that appear designed to obscure the identity of the ultimate beneficiary.

3.3 Risk Classification

Based on the assessment of the above risk factors, each client is assigned one of three risk classifications:

  • Low risk — Simplified CDD measures may be applied in accordance with Article 10 of the PPTFPĮ;
  • Standard risk — Standard CDD measures are applied in accordance with Article 9 of the PPTFPĮ;
  • High risk — Enhanced Due Diligence measures are mandatory in accordance with Article 11 of the PPTFPĮ.

3.4 Risk Assessment Review

The Company’s risk assessment is reviewed: (a) annually as part of the annual AML programme review; (b) following any material change in the Company’s business activities, client base, or service offerings; (c) following the publication of updated risk assessments by the FNTT, the Bank of Lithuania, or the European Commission; and (d) whenever a specific transaction, client, or event gives cause for reassessment.

4. Customer Due Diligence (Kyc)

4.1 When CDD Is Required

The Company applies customer due diligence measures before establishing any business relationship, before carrying out any occasional transaction, and on an ongoing basis throughout the duration of each business relationship. CDD must also be applied when there is a suspicion of money laundering or terrorist financing regardless of any other threshold, and when there are doubts about the veracity or adequacy of previously obtained identification data.

4.2 Standard CDD — Natural Persons

For individual clients and beneficial owners who are natural persons, standard CDD requires the collection and verification of the following information:

  • Full legal name;
  • Date and place of birth;
  • Nationality and country of residence;
  • Personal identification number or passport/identity card number;
  • Current residential address;
  • Copy of a valid government-issued identification document (passport, national identity card, or equivalent), certified as a true copy where the client is not physically present;
  • Confirmation of PEP status;
  • Source of funds relevant to the business relationship or transaction.

4.3 Standard CDD — Legal Entities

For corporate clients and other legal entities, standard CDD requires:

  • Full legal name and trade names used;
  • Registered number and jurisdiction of incorporation;
  • Registered address and, where different, principal place of business;
  • Extract from the relevant companies register confirming current registration status (issued within the preceding three months);
  • Articles of association or equivalent constitutional document;
  • Details of all directors and authorised representatives, with identification verification for each;
  • Full beneficial ownership chart identifying all natural persons who ultimately own or control more than 25% of the entity, or who exercise effective control by other means;
  • Verification of beneficial ownership against the JADIS register (for Lithuanian entities) or the equivalent beneficial ownership register for foreign entities;
  • Confirmation of the nature and purpose of the business relationship;
  • Source of funds to be used in the business relationship.

4.4 Enhanced Due Diligence (EDD)

Enhanced Due Diligence is mandatory, in addition to all standard CDD measures, where the Company has identified that a business relationship or transaction presents a higher risk of money laundering or terrorist financing. EDD-triggering circumstances include:

4.4.1 Politically Exposed Persons (PEPs)

Where a client, beneficial owner, director, or controlling person is identified as a PEP, or is a family member or known close associate of a PEP, the Company shall:

  • Obtain written approval from the Company’s Director or MLRO before establishing or continuing the business relationship;
  • Take adequate measures to establish the source of wealth of the PEP and the source of funds used in the business relationship;
  • Apply enhanced ongoing monitoring of the business relationship throughout its duration;
  • Continue to apply EDD for a minimum of twelve (12) months following the date on which the individual ceases to hold a prominent public function.

4.4.2 High-Risk Jurisdictions

Where a client, beneficial owner, or relevant transaction is connected to a jurisdiction identified as high-risk by the FATF, the European Commission, or the FNTT, the Company shall apply additional verification measures proportionate to the specific risks identified, including enhanced source of funds and source of wealth verification and increased monitoring frequency.

4.4.3 Non-Face-to-Face Identification

Where a client is not physically present for identification purposes, the Company shall apply the following additional measures:

  • Certification of identification documents by a notary, lawyer, or other regulated professional in the client’s jurisdiction of residence;
  • Verification of identity through a video identification process where practicable;
  • Confirmation of identity through at least one additional independent source;
  • First payment to be received from a bank account held in the client’s name at a regulated EU credit institution where possible.

4.5 Simplified CDD

Simplified CDD may be applied where the Company has assessed and documented that a business relationship or transaction presents a low risk of money laundering or terrorist financing. Simplified CDD must still address all fundamental identification requirements — it may not consist of the complete omission of CDD measures. The application of simplified CDD must be reviewed whenever there is any change in the assessed risk level.

4.6 Ongoing Monitoring

The Company maintains ongoing monitoring of all existing business relationships to ensure that: (a) transactions are consistent with the Company’s knowledge of the client’s business activities, risk profile, and the source of their funds; and (b) the CDD documentation held for each client remains current, adequate, and accurate. The frequency and intensity of ongoing monitoring is calibrated to the client’s risk classification.

4.7 Inability to Complete CDD

Where the Company is unable to complete CDD measures — whether because the client fails to provide the required documentation, because verification is inconclusive, or for any other reason — the Company shall not establish the business relationship, shall not carry out the requested transaction, and shall consider whether a suspicious transaction report to the FNTT is warranted. Where CDD cannot be completed for an existing client, the Company shall terminate the business relationship in accordance with applicable law.

5. Suspicious Transaction Reporting

5.1 Obligation to Report

Where the Company, or any of its employees, directors, or agents, knows, suspects, or has reasonable grounds to suspect that a transaction or attempted transaction is connected to money laundering or terrorist financing, the Company is required to submit a suspicious transaction report (STR) to the FNTT through the FORSIS electronic reporting system, in accordance with Article 16 of the PPTFPĮ.

5.2 Internal Reporting Procedure

Any employee, director, or agent of the Company who forms a suspicion or becomes aware of a transaction that may be connected to money laundering or terrorist financing must:

  • Immediately report their suspicion in writing to the Money Laundering Reporting Officer (MLRO);
  • Provide the MLRO with all available information relevant to the suspicion, including client identification details, transaction details, and the basis for the suspicion;
  • Refrain from disclosing to the client or any third party that a report has been or may be made (tipping-off prohibition under Article 19 of the PPTFPĮ);
  • Cooperate fully with the MLRO’s assessment and any subsequent investigation.

5.3 MLRO Assessment and FNTT Reporting

Upon receipt of an internal suspicious activity report, the MLRO shall:

  • Assess the report promptly and determine whether the information is sufficient to give rise to a knowledge or suspicion of money laundering or terrorist financing;
  • Gather any additional information available within the Company relevant to the assessment;
  • Where the MLRO determines that there are reasonable grounds for suspicion, submit an STR to the FNTT through FORSIS without undue delay;
  • Record the basis for the decision whether to file or not to file an FNTT report;
  • Maintain a register of all internal reports received and external STRs filed.

5.4 Tipping-Off Prohibition

No person within the scope of this Policy may disclose to the client or to any other person that a suspicious transaction report has been, is being, or may be submitted to the FNTT, or that an AML investigation is underway, unless such disclosure is permitted by law. A breach of the tipping-off prohibition constitutes a criminal offence under Lithuanian law.

5.5 Protection of Reporting Persons

The Company undertakes that no employee, director, or agent who submits a good-faith internal suspicious activity report or cooperates with an AML investigation shall be subject to any adverse treatment, disciplinary action, or retaliation by the Company as a result of such reporting or cooperation, in accordance with the Law on the Protection of Whistleblowers.

6. Record Keeping

6.1 Retention Obligation

The Company retains all records relating to customer due diligence, business relationships, transactions, and suspicious transaction reports for a minimum period of eight (8) years from the date on which the business relationship ends or the transaction is completed, in accordance with Article 25 of the PPTFPĮ.

6.2 Records to be Retained

The following categories of records are maintained by the Company:

  • All CDD documentation collected in relation to each client and business relationship, including identification documents, beneficial ownership information, and verification records;
  • Records of all transactions carried out for or on behalf of clients;
  • The results of any enhanced due diligence investigation;
  • All internal suspicious activity reports submitted to the MLRO;
  • All external STRs submitted to the FNTT, together with supporting materials;
  • Records of AML training attended by employees;
  • Records of the Company’s risk assessment and any updates to it;
  • Records of the annual review of this Policy.

6.3 Format and Accessibility

Records may be maintained in electronic or paper format, or a combination of both. All records must be maintained in a manner that enables their prompt retrieval and production to the FNTT or other competent authority upon request. Where records are held electronically, appropriate security and backup measures are maintained to prevent loss, corruption, or unauthorised access.

7. Money Laundering Reporting Officer and Internal Controls

7.1 Designation of the MLRO

The Company designates a Money Laundering Reporting Officer (MLRO) who is a member of the Company’s senior management or a designated compliance officer with sufficient seniority, independence, and authority to perform the MLRO function effectively. The MLRO is named in the Company’s AML programme and is registered with the FNTT where required.

7.2 MLRO Responsibilities

The MLRO is responsible for:

  • Receiving and assessing all internal suspicious activity reports;
  • Making all decisions regarding the submission of STRs to the FNTT;
  • Maintaining the register of internal and external AML reports;
  • Overseeing the implementation of this Policy and the Company’s wider AML programme;
  • Ensuring that CDD documentation is adequate and current for all active business relationships;
  • Liaising with the FNTT and other competent authorities on AML matters;
  • Keeping abreast of developments in AML legislation and regulatory guidance and updating this Policy and the AML programme accordingly;
  • Organising and overseeing AML training for all relevant personnel.

7.3 Annual Internal Audit

The Company conducts an annual internal review of its AML programme, including this Policy, to assess the adequacy and effectiveness of the controls in place. The results of the annual review are documented and any identified deficiencies are addressed through a remediation plan with defined timelines and responsible persons.

8. Staff Training

The Company ensures that all directors, employees, and relevant agents receive adequate training on AML/CTF obligations, the provisions of this Policy, and the Company’s internal procedures for CDD, suspicious transaction reporting, and record keeping.

8.1 Scope of Training

AML training covers, at minimum:

  • The legal framework for AML/CTF obligations applicable to the Company under the PPTFPĮ and relevant EU legislation;
  • The money laundering and terrorist financing risks relevant to the Company’s specific business activities;
  • The Company’s CDD procedures and the documentation required for each client type;
  • The identification of suspicious transaction indicators relevant to the Company’s service areas;
  • The internal reporting procedure and the role of the MLRO;
  • The tipping-off prohibition and its consequences;
  • The FNTT FORSIS reporting system;
  • Record-keeping obligations.

8.2 Training Frequency

AML training is provided: (a) to all new employees, directors, and relevant agents at the commencement of their engagement; (b) to all relevant personnel on an annual basis to reflect regulatory developments; and (c) on an ad hoc basis whenever a material change in the regulatory framework or the Company’s risk profile makes it necessary.

8.3 Training Records

The Company maintains records of all AML training provided, including the date, the content covered, and the names of all participants. Training records are retained for the period specified in Section 6 of this Policy.

9. Sanctions Screening

The Company screens all clients, beneficial owners, directors, and authorised representatives against applicable sanctions lists before establishing a business relationship, at appropriate intervals during an ongoing relationship, and whenever an update to a relevant sanctions list is published. Applicable sanctions lists include, but are not limited to:

  • EU Consolidated Financial Sanctions List;
  • UN Security Council Consolidated Sanctions List;
  • OFAC Specially Designated Nationals (SDN) List;
  • UK OFSI Consolidated List of Financial Sanctions Targets;
  • Any sanctions designations issued by the Republic of Lithuania.

Where a potential match is identified during sanctions screening, the Company shall not proceed with the transaction or business relationship until the match has been investigated and resolved. Where a confirmed match is identified, the Company shall not establish or continue the business relationship and shall take all steps required under applicable sanctions regulations, including notification of the relevant authority.

10. Policy Review and Updates

This Policy is reviewed and updated at least annually by the MLRO and approved by the Director of the Company. The Policy is also reviewed and updated:

  • Following any material change in Lithuanian or EU AML legislation or regulatory guidance;
  • Following any significant change in the Company’s business activities, client base, or risk profile;
  • Following any FNTT inspection, audit finding, or guidance that identifies deficiencies in the current Policy;
  • Following any significant internal AML incident.

All versions of this Policy are retained in the Company’s records in accordance with the retention period specified in Section 6. The effective version of the Policy is made accessible to all relevant personnel.

11. Consequences of Non-Compliance

Non-compliance with this Policy, or with the underlying AML/CTF legal obligations of which this Policy forms part, may result in:

  • Disciplinary action against the relevant employee or agent, up to and including termination of engagement;
  • Administrative sanctions against the Company imposed by the FNTT, including fines of up to €1,000,000 per violation;
  • Criminal liability for individuals responsible for serious AML/CTF violations;
  • Reputational damage to the Company and its principals;
  • Regulatory consequences affecting the Company’s ability to provide services in regulated sectors.

The Company takes its AML/CTF obligations seriously and will not tolerate wilful non-compliance by any person acting on its behalf.

Menu