AML Compliance Policy

Legal Information

CRABSI PAYMENTS CORP., a company established under the laws of Canada, is registered at 80 Atlantic Ave, Toronto, Ontario, Canada, M6K1X9 under the registration number 1000491725, and was incorporated on 05.04.2023. The company operates through its website: https://crabsi.com.

General Provisions

This AML Compliance Policy (hereinafter referred to as the “Policy”) has been developed in line with international anti-money laundering (AML) standards and applicable Canadian laws, including the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA).

CRABSI PAYMENTS CORP. (hereinafter referred to as the “Company”) is committed to preventing money laundering, terrorist financing, and related financial crimes through robust internal controls, procedures, and compliance measures.

The Policy establishes:

  • Obligations for the Company and its employees.
  • Processes for client verification, risk assessment, and transaction monitoring.
  • Measures to ensure compliance with FINTRAC requirements.

The Policy applies to all clients utilizing the Company’s services.

Organizational Basis for AML Control Methods

Approval and Review

This Policy is approved and updated annually by the Company’s senior management to align with regulatory changes and industry best practices.

Control Methods

The Company employs a set of control methods to:

  • Verify client identity and assess risks during onboarding and throughout the business relationship.
  • Monitor transactions to detect and prevent suspicious activities.

Control methods include Know-Your-Client (KYC), Know-Your-Business (KYB), and Know-Your-Transaction (KYT) procedures, as prescribed by AML legislation and internal guidelines.

Client Verification Program

Client Identification

The Company conducts initial verification based on identification documents provided by clients:

  • For individuals: Full name, government-issued ID, date of birth, address, tax residency, source of funds, and political exposure status.
  • For legal entities: Corporate registration details, beneficial ownership and board management information, and documentation confirming the authority of representatives.

Verification is conducted using official sources, state registries, or notarized documents when required. Clients must be prepared to provide:

  • Proof of identity (passport, national ID card, or driver’s license).
  • Proof of address (utility bills, bank statements, or rental agreements).
  • Source of funds (bank statements, pay slips, or investment records).
  • For legal entities: Certificates of incorporation, shareholder and director registers, and corporate structure diagrams.

Unsupported Countries and Activities

The Company does not provide services to individuals or entities from unsupported countries listed in Exhibit A. Additionally, clients involved in restricted activities listed in Exhibit B are prohibited from transacting with the Company.

Risk Management Measures

Commercial Relationships

A business relationship is initiated only after the client agrees to comply with this Policy. The Company ensures continuous risk assessment throughout the client relationship, adjusting risk scores as circumstances change.

Transaction Monitoring

The Company monitors all transactions, including internal and cross-border transactions, using automated tools. Clients may be required to provide additional documentation or explanations for specific transactions. Examples include:

  • Invoices or contracts supporting a transaction.
  • Proof of the relationship between parties in a transaction.
  • Explanation of the purpose of funds.

Failure to comply may result in transaction denial.

High-Risk Clients

The Company conducts enhanced due diligence (EDD) for high-risk clients, which may include:

  • Detailed scrutiny of transactions.
  • Verification of beneficial ownership through multiple layers of documentation.
  • Ongoing monitoring of account activities.

Record Keeping

Document Retention

The Company retains all documents related to client verification, transactions, and business relationships for at least five years after the termination of the relationship.

Beneficial Ownership

Beneficial ownership information is collected for all legal entities, ensuring transparency and compliance with AML requirements. If beneficial ownership cannot be determined, the client is classified as high-risk.

Reference Sources

The Company follows FINTRAC’s guidelines for record-keeping and client verification: Record Keeping Guidance.

Reporting Obligations

Reporting to FINTRAC

We have established internal controls to identify and report suspicious activity to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). All employees are required to report any suspicious activity that they become aware of to the Compliance Officer and to the relevant authorities. 

Reporting Procedures

Reports are submitted electronically using FINTRAC’s designated systems. All reports are retained for five years.

Compliance Responsibilities

Compliance Officer

The Compliance Officer oversees the implementation of this Policy, including:

  • Client and transaction monitoring.
  • Reporting to FINTRAC.
  • Conducting training for employees.

Client Obligations

Clients are required to:

  • Provide accurate and complete information during onboarding.
  • Submit additional documentation when requested, including proof of identity, address, and source of funds.
  • Comply with the Company’s transaction monitoring requirements.

Failure to comply may result in service denial or termination of the business relationship.

Additional Information for Clients

Prohibited Transactions

The Company does not permit transactions involving:

  • Anonymous or pseudonymous accounts.
  • Funds originating from or directed to countries listed in Exhibit A.
  • Activities outlined in Exhibit B.

Examples of Restricted Activities

Examples of restricted activities include:

  • Fraudulent or unlawful business operations.
  • Trade in arms, munitions, or illicit goods.
  • Cryptocurrency mining or Ponzi schemes.
  • Transactions involving unregulated charities or high-value goods dealers.

Exhibits

Exhibit A: Unsupported Countries

  • Abkhazia
  • Afghanistan
  • Antarctica
  • Barbados
  • Burkina Faso
  • Cameroon
  • Chad
  • Congo (the Democratic Republic of the)
  • Crimea
  • Cuba
  • Haiti
  • Iran (the Islamic Republic of)
  • Iraq
  • Jamaica
  • Korea (the Democratic People’s Republic of)
  • Mali
  • Mozambique
  • Myanmar
  • Pakistan
  • Palestine, State of
  • Panama
  • Russian Federation (the)
  • Somalia
  • South Ossetia
  • South Sudan
  • Syrian Arab Republic (the)
  • Togo
  • Trinidad and Tobago
  • Vanuatu
  • Yemen

Exhibit B: Restricted Activities and Customers

The Company does not enter into any transaction with clients performing restricted activities:

  • Any unlawful or fraudulent business or activity.
  • Any business that violates applicable local, national, federal, or international law or regulation.
  • Intellectual property or proprietary rights infringement.
  • Any activities that harm or attempt to harm minors in any way.
  • Trade, production, or mediation in the trade of weapons and munitions.
  • Trade of antiques, works of art, numismatic values.
  • Trade of jewellery, precious metals, and precious gems.
  • Trade of monetary objects (banknotes) and stamps.
  • Trade of ferrous, non-ferrous, and rare metals; their wares; and precocious stones.
  • Trade of tobacco products.
  • Illegal/pirated audio or video records.
  • Hosting, file copying, or unlicensed IPTV.
  • Telecommunications manipulation equipment including jamming devices.
  • Trafficking of humans or related actions.
  • Counterfeit (forged) goods.
  • Goods and services of a sexual nature.
  • Production or recycling of explosive and nuclear fuel.
  • Production or trade in radioactive materials.
  • Provision of money services (e.g., cash desks, currency exchange offices, money transfer agents, or other service providers offering money transfer opportunities).
  • Financial services related to loan restructuring, debt recovery, or loan amendments.
  • Investment services and incidental investment services.
  • Provision of reinsurance services.
  • Provision of cash-in-transit services.
  • Cryptocurrency production (mining).
  • Ponzi schemes.
  • Intermediation in real property transactions.
  • Drugs and drug paraphernalia, narcotic or narcotic-like substances.
  • Operation of drugstores and pharmacies; trade in medications, patented drugs, and pharmaceutical products.
  • Unregulated charities, political or religious organizations, ICOs, crowdfunding, and other unregulated organizations.
  • Dealers of high-value precious goods.

Additionally, the following customers are prohibited:

  • Shell banks.
  • Individuals or entities on relevant sanctions lists issued by countries in compliance with UN resolutions or other unilateral sanctions (e.g., UK, US).
  • Individuals or entities whose identity cannot be verified or who refuse to provide required verification information.
  • Customers with bearer shares or undisclosed nominee shareholders.

Policy Updates and Questions

This Policy is subject to regular updates to ensure alignment with regulatory changes. For questions or further details, please contact the Compliance Officer.

We Value Your Privacy

This site uses consent-requiring cookies and third-party technologies to integrate certain features. When you click the "Accept All" button, these features are enabled (consent). After consent is given, we and the involved third-party companies process your personal data for various purposes. Detailed information on purpose, legal basis and third party companies can be found on the Cookie Policy page.
Reject All
Accept All

Login form

    Registration form

      Privacy Policy

      Privacy Policy

      As of 10 January 2025

      CRABSI PAYMENTS CORP. (hereinafter referred to as “CRABSI”), a company established under the laws of Canada, is registered at 80 Atlantic Ave, Toronto, Ontario, Canada, M6K1X9 under the registration number 1000491725.

      This Privacy Policy, together with the Terms and Conditions and other material parts thereof, governs the collection, processing, and use of your Personal Data by CRABSI. 

      CRABSI acts as a data controller in accordance with this Privacy Policy, which defines how the company may use your Personal Data.

      CRABSI and its affiliates (if any) are committed to protecting your privacy. The information collected about you is used to fulfill contractual obligations and improve customer service. This Privacy Policy provides clear and transparent information about how we collect, use, and protect your data in compliance with Canadian data protection laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and the General Data Protection Regulation (GDPR), and other relevant international laws for users outside of Canada and the EU.

      If you are located outside of Canada, the EU, or a jurisdiction with specific privacy regulations, we will process your Personal Data in line with international privacy standards, applying reasonable measures to protect your information as outlined in this Privacy Policy.

      Please read this document carefully to understand our approach to handling your Personal Data.

      For any questions or concerns, you can contact us at:

      Email: [email protected]

      1. Data We Collect

      Information You Provide

      You may provide information directly to us by completing forms on our website or contacting us via phone, email, video conference, or other methods. This includes:

      • Personal Identification: Name, surname, photographs, videos (for verification purposes under the AML/CFT Policy), residential address, citizenship, date and place of birth, and tax residency.
      • Government-Issued Identification: Passport, driver’s license, or other identification documents.
      • Contact Information: Phone number, email address, and login credentials.
      • Financial Data: Bank details, account numbers, payment details, and Foreign Account Taxation Act (FATCA/CRS) information.
      • Professional Details: Education, work experience, and place of employment.
      • Other Information: Politically exposed person (PEP) status, sources and amounts of income, account status, balance sheets, and transaction details.

      Crabsi does not collect or process sensitive personal data, such as racial or ethnic origin, political opinions, religious beliefs, or health data, unless explicitly provided by you in public forums on our website.

      Information We Collect Automatically

      When you visit our website or use our services, we may collect:

      • Technical Data: IP address, browser type and version, time zone settings, and operating system.
      • Usage Data: Pages visited, site interactions, errors encountered, and geolocation data.
      • Financial Activity: Transaction details, account activity, and accrued commissions.

      Information From Third Parties

      We may receive data from external sources, such as:

      • Financial Institutions: For deposits and withdrawals.
      • Verification Services: To confirm details you provide.
      • Credit Agencies and Partners: Data regarding your financial status.

      2. Use of Cookies

      Please refer to our Cookie Policy for details on how we use cookies and manage your consent.

      3. Why We Use Your Personal Data

      To Provide Services

      • Fulfill contractual obligations and deliver requested products or services.
      • Maintain security and administer the website.
      • Resolve complaints and support queries.

      To Improve Services

      • Enhance the website experience and evaluate advertising effectiveness.
      • Analyze usage data for internal research and development.

      To Ensure Legal Compliance

      • Verify identities to prevent fraud.
      • Comply with AML/CFT regulations and other legal requirements.

      For Marketing

      • Inform you about products or services similar to those you’ve used or searched for.
      • With your consent, share your data with third parties for marketing purposes.

      4. Disclosure of Personal Data

      We may share your data with:

      • Service Providers: Business partners, subcontractors, and analytics providers.
      • Marketing Networks: To optimize advertisements (aggregated data only).
      • Legal Obligations: If required by law, court orders, or to protect CRABSI’s rights and property.
      • Corporate Transactions: During mergers, acquisitions, or asset sales.

      5. Security and Retention of Personal Data

      Security Measures

      We implement robust security measures to safeguard your data from loss, misuse, or unauthorized access. Only authorized personnel have access to your data, and all data transfers comply with international security standards.

      Retention Period

      Your data will be retained:

      • For a minimum of five (5) years after account closure, in compliance with legal requirements.
      • Longer, if required for legal investigations or disputes.
      • Email addresses from unsubscribed users will be stored in an inactive list.

      6. Basis for Processing Personal Data

      We process your data based on:

      • Consent: Provided explicitly for specific purposes.
      • Contractual Obligations: Necessary to fulfill agreements with you.
      • Legal Compliance: To meet regulatory requirements.
      • Legitimate Interests: To prevent fraud, enhance security, and improve services.

      You may withdraw your consent at any time.

      7. Your Rights

      You have the right to:

      • Request deletion, correction, or restriction of your data.
      • Access your data and receive a copy in a machine-readable format.
      • Object to data processing for marketing purposes.

      To exercise these rights, contact us at [email protected]. Note that exercising certain rights may impact our ability to provide services to you.

      8. Access to Personal Data

      Under PIPEDA and GDPR, you may request access to the data we hold about you by submitting a written request to [email protected].

      9. Storage of Personal Data

      We store and process Personal Data using secure repositories and best practices throughout its lifecycle. For individuals outside Canada and the EU, we ensure that data processing complies with this Privacy Policy and applicable international privacy standards.

      Data Transfers Outside Canada, the EU, and Your Jurisdiction

      Your data may be transferred to and stored in a jurisdiction outside your country of residence, including countries where data protection laws may differ from those in your region. In such cases:

      • We apply appropriate safeguards to protect your Personal Data, including but not limited to contractual agreements with service providers.
      • Data transfers comply with adequacy decisions (where applicable) or recognized mechanisms such as Standard Contractual Clauses (SCCs).

      By using our services, you consent to these data transfers.

      10. Changes to This Privacy Policy

      This Privacy Policy may be updated periodically, with the most recent revision date displayed at the top of the document. Any updates will be posted on our website to ensure transparency.

      For significant changes, we may choose to notify you using the contact information available to us. However, it remains your responsibility to review this Privacy Policy regularly to stay informed about how your Personal Data is being handled.

      If you disagree with any updates, you should discontinue using our services and reach out to us with your concerns. By continuing to use our services after updates are published, you accept the revised Privacy Policy.