AML & CFT Policy

Anti-Money Laundering & Counter-Terrorist Financing


Last Updated : 27-11-2025

Kepto Fintech Pvt. Ltd.

1. Introduction

This Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) Policy establishes the framework adopted by Kepto Fintech Pvt. Ltd. (“Company”, “We”, “Our”) to prevent misuse of our systems for money laundering, terrorist financing, fraud, or any illicit financial activity.

The policy aligns with:

  • The Prevention of Money Laundering Act (PMLA), 2002
  • RBI Master Directions on KYC
  • NPCI Guidelines for BBPS & digital payments
  • FATF (Financial Action Task Force) standards
  • FIU-IND regulatory reporting requirements

Kepto Fintech is committed to maintaining a fully compliant, transparent, and secure financial ecosystem.

2. Objective of the AML/CFT Policy

The primary objectives of this policy are:

  • To prevent the Company’s platforms from being used for money laundering or terrorist financing.
  • To identify suspicious transactions and report them as per FIU-IND norms.
  • To establish risk-based customer verification and screening.
  • To ensure compliance with applicable laws, regulations, and industry best practices.
  • To protect the integrity of India’s financial system.

3. Scope of the Policy

This policy applies to:
- All users/customers (individual or business)
- Merchants and billers
- Partner institutions (banks, NBFCs, BBPS billers)
- Employees, consultants, vendors, and agents
- All fintech products, platforms, APIs, and BBPS services offered by Kepto Fintech

4. Customer Due Diligence (CDD) & KYC

We follow strict Know Your Customer (KYC) procedures before onboarding any customer or merchant.

4.1 KYC Requirements

Based on RBI and NPCI guidelines:
- Full name, address, and identity verification
- PAN and Aadhaar (where applicable)
- Business registration documents for merchant onboarding
- Basic and Full KYC for BBPS consumers as per defined thresholds
- Additional documents for high-risk customers or organizations

4.2 Enhanced Due Diligence (EDD)

EDD is mandatory for higher-risk individuals and entities (e.g., Large transaction patterns, High-risk jurisdictions, PEPs).
EDD may include: Additional documentation, Background verification, Continuous monitoring, and Source-of-funds verification.

5. Transaction Monitoring

We implement automated and manual monitoring techniques to detect:
- Structuring or layering of payments
- Unusually large or repeated transactions
- Attempts to bypass KYC limits
- Payment patterns inconsistent with user profile
- Suspicious BBPS bill payments
- Rapid multiple transactions through different instruments

Alerts are automatically generated for internal review.

6. Reporting of Suspicious Transactions

As a regulated fintech service provider, Kepto Fintech is required to report:

6.1 STR – Suspicious Transaction Reports

Transactions deemed suspicious based on behavior, intent, or unexplained activity are reported to FIU-IND without notifying the user.

6.2 CTR – Cash Transaction Reports

If applicable, cash transactions above defined thresholds are recorded and reported.

6.3 Regulatory Reporting

Reports to RBI / NPCI are submitted as per compliance requirements. The Company strictly adheres to confidentiality rules while submitting such reports.

7. Risk Assessment & Classification

Each user, merchant, and transaction is assigned a risk category:
Low Risk – salaried individuals, small utility bill payments
Medium Risk – SMEs, moderate transaction volume
High Risk – large enterprises, unusual patterns, PEPs

Risk scores are continuously reviewed and updated.

8. Merchant & Partner Due Diligence

For businesses using our payment architecture or CRM systems, we conduct:
- Verification of business registration
- Background and compliance checks
- Assessment of nature of business
- Risk-based ongoing monitoring

Merchants violating AML guidelines may face suspension or termination.

9. Employee Training & Awareness

All employees undergo AML/CFT training programs, fraud detection training, and data privacy practices. Refresher sessions are conducted periodically.

10. Record Keeping

As per PMLA guidelines:
- KYC records are stored for minimum 5 years.
- Transaction logs, audit trails, and risk assessments are maintained securely.
- All records are accessible for regulatory review.

11. Compliance Officer

The Company has appointed a Designated AML Compliance Officer responsible for monitoring AML/CFT programs, approving high-risk users, and coordinating with FIU-IND/NPCI.

12. Prohibited Activities

The Company strictly prohibits:
- Money laundering, terror financing, or illegal fund transfers
- Use of false or forged documents
- Misuse of corporate accounts for personal transactions
- Payments relating to banned activities or goods
- Structuring transactions to evade thresholds

Users involved in such activities will face immediate account suspension, reporting to law enforcement, and legal action.

13. Policy Review & Updates

This AML Policy is reviewed annually or earlier if regulatory norms change. Updated policies will be published on the website.

14. Contact for Compliance Queries

Kepto Fintech Pvt. Ltd.
501, Business Bay Tower, Andheri East, Mumbai – 400059 Maharashtra, India
Email: compliance@keptofintech.com
Phone: 6377605341


Email : compliance@keptofintech.com
Website : www.keptofintech.com
© KEPTO FINTECH PVT. LTD — ALL RIGHTS RESERVED.