AML Policy

This is the anti-money laundering and counter-terrorist financing policy (referred to as AML/CTF Policy) of HermesPay OÜ, which is operating the website HermesPay OÜ is a privately-owned limited liability company incorporated under the laws of Estonia with registration number: 14828576 and registered address: Sepise tn 1, 11415 Tallinn, Estonia. HermesPay OÜ, hereinafter can be referred to as “HermesPay”, “We”, “Our”, “Company” and “Us” and include its owners, directors, investors, employees or other related parties. The terms “User”, “You” and “Your” refer to a User of
the online platform

In order to maintain uncompromised and reputable provision of services, HermesPay is set to follow strict rules on anti-money laundering and counterterrorist financing, governed by the local and international laws and regulations.

HermesPay thus implements the current policy in accordance with:
(i) DIRECTIVE (EU) 2018/843 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, and amending Directives 2009/138/EC and 2013/36/EU;

(ii) the Estonian Money Laundering and Terrorist Financing Act and other legal guidelines given by the Estonian Minister of Finance; and

(iii) any other applicable laws in force in any territory HermesPay might be operating.

HermesPay is always set to follow the most stringent rules and industry standards in any country it might have operations with the intention to prevent any kind of illegal and criminal activities and any potential involvement of HermesPay in

The anti-money laundering and counter-terrorist financing policy, which is a part of the Terms & Conditions of HermesPay, requires mandatory compliance by the User. Users are required to read, review, understand and then agree to the terms hereinafter before using or availing any of the HermesPay Services. Terms not defined herein shall carry the same interpretation as in the Terms & Conditions and in the absence thereof to general usage and understanding


“Applicable Laws” means the law in force for the time being within the territory of any country HermesPay might be operating in;
“Ultimate Beneficial Owner” means:
(i) The natural person who has direct or indirect ownership of over 25% (twenty five per cent) of the shares of a legal entity, where indirectly means that the natural person has ownership in another legal entity which owns fully or partially the legal entity subject to verification;

(ii) The natural person is entitled to over 25% (twenty five per cent) of the

(iii) The natural person has the power, directly or indirectly, to appoint or elect more than half of the members of the managing or supervising body and is also a shareholder;

(iv) The natural person holds more than 50% the voting rights in the legal entity;

(v) The natural person has the right to influence the legal entity as a result of an agreement or of the articles of association of the entity; or “Identification Document(s)” refers to:

(i) National ID Cards and Passports and any other government-issued identification document;

(ii) Documents that identify the registered address of a natural person or legal entity such as, but not limited to, Bank Statement and Utility Bill; or

(iii) Such other document as may be notified by HermesPay from time to time; “Politically Exposed Person” refers to any natural person that is himself or is a family member or close associate to a natural person that is:

(i) Head of state, head of government, minister, and deputy or assistant

(ii) Member of parliament or similar legislative bodies;

(iii) Member of the governing bodies of political parties;

(iv) Member of supreme courts, of constitutional courts or of other high-level judicial bodies, the decisions of which are not subject to further appeal, except in exceptional circumstances;

(v) Member of courts of auditors or of the boards of central banks;

(vi) Ambassador, charges d’affaires and high-ranking officer in the armed forces;

(vii) Member of the administrative, management or supervisory bodies of State-owned enterprises;

(viii) Director, deputy director or member of the board or equivalent function of an international organization.

“Sanction Lists” refers to lists of natural persons, legal entities and whole countries which are involved, or suspected of being involved, in illegal and criminal activities. Such lists are for example provided by OFAC, EU, UN, HMT.
“Suspicious Transactions” refers to the following activities, whether
attempted or executed:

(i) Terrorist financing: transactions which to a person acting in good faith appear to be any funds collected to be used, in full or in part, by any terrorist or related organization, or in order to carry out any of the activities relating to terrorism, or terrorist acts; or

(ii) Unusually Complex: transactions which to a person acting in good faith appear to have been structured in a manner of unusual or unjustified complexity; or

(iii) Malafide Purpose: transactions which to a person acting in good faith appear to have not been transacted for bonafide purpose or have a sound economic rationale; or

(iv) Money Laundering: transactions which to a person acting in good faith appear to “clean” criminal proceeds so that their illegal origins are hidden. Such proceeds are usually associated with the types of organised crime that generate huge profits in cash, such as trafficking in drugs, weapons and human beings as well as fraud.

Money Laundering Reporting Officer

HermesPay seeks to appoint and duly authorizes Money Laundering Reporting Officer (MLRO) to oversee the compliance of HermesPay systems and controls with the current AML/CTF Policy, relevant legislation, regulations, rules, and industry guidance. The MLRO has sufficient level of seniority and independence.

The Officer is entitled to interact with law enforcement authorities, which are involved in prevention of money laundering, terrorist financing and other illegal activity.

User Verification

The industry standard for combating money laundering, terrorist financing and any other financial criminal activity is thorough customer due diligence (CDD). HermesPay implements CDD in the form of requiring any natural person, who wishes to make transactions with fiat money on the HermesPay platform, and any company/organization to verify respectively their identity and the identity of their company Ultimate Beneficial Owners.

Following established Know-Your-Customer (KYC) rules, regulations and procedures, we request user-supplied information and identification documentation. For the purposes of verification of any User’s identity, HermesPay may rely on appropriate and licensed third-party service providers to authenticate the Identification Documents and other incidental details
provided by the User.

Each client, who has passed the verification procedure, can transact with fiat money on the HermesPay platform only on the premise that they use bank cards and bank or electronic money service accounts in their own name Identification of Natural Persons.

Each natural person, who wishes to make transactions with fiat money on the HermesPay platform, is required to identify themselves by providing:

(i) their full name;

(ii) their date of birth;

(iii) their resident address;

(iv) government-issued identification document, such as ID card and international passport, which bears a photograph, date of birth and Personal Identification Number issued by their government;

(vi) a recent self-portrait of themselves to compare against image on ID document (Facial Verification)

For natural persons with nationality or residency at a high-risk third country or if deemed appropriate, HermesPay might also:

(i) require information on the source of funds and source of wealth of the User;

(ii) require information on the reasons for the intended or performed transactions;

(iii) conduct enhanced monitoring of the business relationship by increasing the number and timing of controls applied, and selecting patterns of transactions that need further examination..

(iv) proof of resident address, such as utility bill or bank statement not older than 3 months;

Identification of Legal Entities and Ultimate Beneficial Owners

General identity information

Each legal entity must pass a verification process before it starts using the HermesPay services regardless of whether it will transact with fiat money or not. It must provide:
(i) name;
(ii) registered number in any national register;
(iii) legal form in accordance with the law of the place of registration;
(iv) address of the corporate seat and address of management;
(v) Certificate of Incorporation;
(vi) Articles/Memorandum of Incorporation;
(vii) Bank Statement not older than 3 months stating the Company Address.

Additional verification measures

With respect to business account holders we further apply the following enhanced customer due diligence measures:

(i) obtaining additional information on the User, the beneficial owner(s) and anybody else that might have access to the corporate account at HermesPay, such as data about Politically Exposed Persons;

(ii) obtaining additional information on the intended nature of the business relationship;

(iii) obtaining information on the source of funds and source of wealth of the customer and of the beneficial owner(s);

(iv) obtaining information on the reasons for the intended or performed transactions;

(v) obtaining the approval of senior management for establishing or continuing the business relationship;

(vi) conducting enhanced monitoring of the business relationship by increasing the number and timing of controls applied, and selecting patterns of transactions that need further examination.

Persons with access to the corporate account at HermesPay

HermesPay also requires a letter which is signed by the board of directors, CEO, managing director, or significant control owner indicating who has authority to trade on behalf of the company, including:

(i) each trader’s full name;
(ii) company role;
(iii) email;
(iv) physical address;
(v) nationality;
(vi) any personal HermesPay accounts they may have; and
(vii) and a scanned copy of their government-issued ID card or passport.

Ultimate Beneficial Owners While at HermesPay we are against blanket rejections, it is of utmost importance to find out who exercises ultimate effective control over the legal entity we are in relation with. As a result, we require user-supplied information on all Beneficial owners about their:
(i) full name;
(ii) nationality(ies) held;
(iii) photo identification document;
(iv) proof of address.

Taking the risk-based approach, we are especially diligent and thus might employ additional measures such as the use of third-party screening providers in case of:
(i) Organizational structure with multiple levels of ownership;
(ii) Organizational structure in various jurisdictions; and
(iii) Lack of supporting documentation to prove ownership.
In the case where the legal entity is owned by another one, HermesPay also requires:
(i) name;
(ii) registered number in any national register;
(iii) legal form in accordance with the law of the place of registration
(iv) address of the corporate seat and address of management;
(v) the details required of UBOs as above, in relation to corporate

Sanctions lists screening

HermesPay is prohibited from transacting with individuals, companies and countries that are on prescribed sanctions lists and thus screens its users against United Nations, European Union, UK Treasury and US Office of Foreign Assets Control (OFAC) and other sanctions lists.

Politically Exposed Persons screening

In order to identify politically exposed persons amongst its Users, HermesPay does not only rely on user-supplied declarations but also screens all individual account holders, all UBOs of corporate account holders as well as
any person that has access to a corporate account against various domestic and international PEP lists.

Restrictions and Denial of Service

Based on the provided information, HermesPay reserves the right to determine, at its sole discretion, the appropriate verification level for any user, as well as the right to downgrade or ban users without prior notice. If HermesPay finds out
that any User information, obtained in accordance with the described procedure, to be inadequate, insufficient, or enlisted on the Sanctions Lists, the Company may in its discretion either refuse or terminate (as the case may be) the registration of such User Account or require verification of such User’s Identification Documents again.

In the event that it is brought to the attention of HermesPay, that a particular User or account is maintained under a fictitious name, HermesPay has the full right and authority to terminate and close such an account with immediate effect and
without prior notice to the User.

HermesPay also reserves the right to verify user’s identity on an ongoing basis, especially in cases of unusual and suspicious activity or if HermesPay doubts the adequacy or veracity of previously obtained customer identification data.
HermesPay is further in its right to request up-to-date documents from the users, even though they have already passed identity verification in the past.

HermesPay may also implement policies restricting Verification Levels by nationality, country of residence, or any other factor. This may affect the user ability to deposit/withdraw funds based on their verification level and HermesPay
cannot be held responsible for any potential losses.

HermesPay reserves the right to terminate the User Account, restrict and/or prevent access to its online platform, or report to the appropriate enforcement authorities the activities of any User if there are suspicions on
illegal activity.

Once the User’s identity has been verified, HermesPay is able to remove itself from potential legal liability in a situation where its Services are used to conduct illegal activity.

Sensitive Personal Information

The sensitive personal information is collected, shared and stored safely in accordance with HermesPay’ Privacy Policy.

User activity monitoring, analysis, and reporting

In addition to verifying User identity, HermesPay also reserves the right to monitor and analyse their activity as part of the AML/CTF toolkit. HermesPay performs a variety of compliance-related tasks, including capturing data, filtering,
record-keeping, investigation management, and reporting. System functionalities include but are not limited to:
(i) Monitoring for transactions by both artificial intelligence (using predictivealgorithms, statistical analysis, classification and scoring etc.) and human intervention, which appear to be:
• unusually and unnecessarily complex;
• unusually large;
• conducted in an unusual pattern;
• lacking an apparent economic or lawful purpose.
(ii) Daily check of Users against recognized “black lists” (e.g. OFAC), as
described above;
(iii) Placing Users on watch and service denial lists;
(iv) Opening cases for investigation where needed;
(v) Requesting additional information, where deemed appropriate;
(vi) Sending internal communications;
(vii) Filling out statutory reports, if applicable;
(viii) Case and document management.
HermesPay monitors all transactions on a daily basis and it reserves the right to
report any suspicious transactions to the appropriate law enforcement
agencies through the MLRO, to request additional information and
documentation in case of suspicion for illegal activities as well as to suspend
or terminate the provision of services to the suspected Users. The list is not
exhaustive and HermesPay will take the necessary measures to prevent cases of
money laundering, terrorist financing or any other criminal activity

Risk-based approach

HermesPay is devoted to following highest industry standards and thus takes a risk-based approach in terms of committing its resources in the most efficient way; meaning that the greatest risks would receive the highest attention. As a result HermesPay also reserves the right to classify its Users into different risk profiles based on the following factors (including without limitation):

(i) Sufficiency and adequacy of identification information;
(ii) Nature of User’s business/vocational activities; or
(iii) Guidance notes circulated by various governmental and intergovernmental organizations.

Business relationships with corporate account holders, which have a complex ownership structure, preventing the identification of the Ultimate Beneficial Owners, and natural persons with a nationality or residency at high-risk third countries are for example a top priority for the compliance office of HermesPay.

HermesPay keeps the risk categorization confidential and can change the categorization of any User at any time given various factors. While the Users are not entitled in any way to seek disclosure, HermesPay may disclose the User’s risk categorization data to the competent enforcement authority if it finds that a particular User has executed or is likely to execute any Suspicious Transaction.


This AML/CTF policy may be periodically reviewed and revised. The revised draft will be uploaded on and will reflect the modified date of the terms. The User is required to periodically visit the website and review terms and any changes thereto. Continued use by the User constitutes agreement with any amendments of the policy.


Should you have any questions with regard to our Anti-money laundering
and counter-terrorist financing policy, please contact us at [email protected]

About Us

HermesPay OÜ is an Estonian company.

HermesPay OÜ © 2024. All Rights Reserved.