AML, CTF & Internal Control Policies and Procedures

Effective Date: July 2026

Last Updated: July 2026

Jurisdiction: Federal Republic of Nigeria

Document Version: 1.0

This document is the formal compliance policy for regulatory submissions. For the user-facing AML summary, see our AML Policy.

FidemIt Escrow ("FidemIt," "the Company") maintains written policies and procedures to:

  1. Prevent, detect, and report money laundering (AML).
  2. Prevent, detect, and report terrorist financing (CTF).
  3. Establish internal controls over compliance, operations, and financial activity on the platform.

These policies apply to all directors, officers, employees, contractors, and agents of FidemIt, and to all users of the FidemIt Escrow platform.

FidemIt operates in compliance with applicable Nigerian laws and regulations, including but not limited to:

  • Money Laundering (Prevention and Prohibition) Act
  • Terrorism (Prevention and Prohibition) Act
  • Central Bank of Nigeria (CBN) Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) Regulations
  • Nigerian Financial Intelligence Unit (NFIU) reporting requirements
  • Nigeria Data Protection Act (NDPA), where applicable to customer data handling

3.1 Board / Director Oversight

As a single-director company, the Founder and Sole Director is responsible for:

  • Approving all compliance policies and procedures
  • Reviewing compliance reports at least annually
  • Ensuring adequate resources for AML/CTF compliance
3.2 Compliance Officer

The Founder serves as the designated Compliance Officer until a dedicated officer is appointed. Responsibilities include:

  • Overseeing day-to-day AML/CTF compliance
  • Receiving and acting on suspicious activity reports
  • Liaising with regulators and the NFIU as required
  • Ensuring staff training and policy updates
3.3 Internal Controls
Control AreaProcedure
Customer identificationTiered KYC verification (BVN/NIN, identity, address)
Transaction monitoringAutomated and manual review of transactions against tier limits
Access controlRole-based access; periodic access reviews
Record keepingRetention of KYC records and transaction logs per regulatory requirements
Incident responseDocumented incident response and escalation procedures
Information securityDocumented information security and access control policies

4.1 Prohibited Activities

FidemIt prohibits use of its platform for:

  • Laundering proceeds of crime
  • Structuring transactions to evade reporting thresholds
  • Concealing the origin, ownership, or control of funds
  • Any activity that facilitates financial crime
4.2 Customer Due Diligence (CDD) / Know Your Customer (KYC)

All users must complete KYC before accessing full platform functionality.

Individual users must provide:
  • Full legal name
  • Date of birth
  • Residential address
  • Government-issued photo ID (National ID, Passport, or Driver's License)
  • BVN or NIN
  • Selfie for facial verification (where required)
Business users must provide:
  • Legal business name and registration number
  • Business address and industry
  • Director identification and contact details
Tiered limits (as configured in platform):
TierDaily LimitMax BalanceRequirements
Tier 1₦20,000₦300,000BVN or NIN
Tier 2₦200,000₦500,000Identifier + approved identity review
Tier 3₦2,000,000UnlimitedIdentifier + identity + address review
4.3 Enhanced Due Diligence (EDD)

EDD is applied when:

  • A user is identified as a Politically Exposed Person (PEP)
  • Transaction patterns are inconsistent with stated activity
  • A user operates in or transacts with high-risk jurisdictions
  • Any red flag is identified during monitoring
4.4 Ongoing Monitoring

FidemIt monitors transactions through:

  • Automated flagging of transactions exceeding tier limits or unusual patterns
  • Manual review by the compliance function
  • Periodic audit of high-value accounts
4.5 Suspicious Activity Reporting (SAR)

Any employee or contractor who identifies suspicious activity must report it immediately to the Compliance Officer at compliance@fidemit.com.

The Compliance Officer will:

  1. Investigate the activity
  2. Document findings
  3. File a Suspicious Transaction Report (STR) with the NFIU where required
  4. Take appropriate account action (freeze, suspend, terminate)

Reporting timeline: STRs will be filed within regulatory timeframes (typically within 7 days of detection).

5.1 Prohibition

FidemIt strictly prohibits any use of its platform to finance, support, or facilitate terrorism or terrorist organizations.

5.2 Screening

FidemIt will screen users and transactions against:

  • Nigerian sanctions lists
  • UN Security Council Consolidated List
  • Other applicable domestic and international sanctions lists
5.3 Red Flags for Terrorist Financing

Indicators include but are not limited to:

  • Transactions with no apparent economic purpose
  • Use of multiple accounts or identities by one individual
  • Rapid movement of funds through the platform with no underlying transaction
  • Links to sanctioned individuals, entities, or jurisdictions
  • Reluctance to provide KYC information
5.4 Response

Upon identification of potential terrorist financing:

  1. Immediately suspend the account and freeze relevant funds
  2. Report to the NFIU without delay
  3. Cooperate fully with law enforcement
  4. Document all actions taken

FidemIt retains the following for a minimum of 5 years after account closure or transaction completion (or as required by applicable law):

  • KYC documentation and verification records
  • Transaction records and audit logs
  • SAR/STR filings and supporting documentation
  • Compliance training records
  • Policy review and approval records

All personnel with access to customer or transaction data receive AML/CTF awareness training:

  • At onboarding
  • Annually thereafter
  • Upon material policy updates

These policies are reviewed at least annually or upon:

  • Changes in applicable law or regulation
  • Material changes to FidemIt's business model or products
  • Findings from internal or external audits

All revisions require approval by the Founder and Sole Director (acting as the Board).

Non-compliance by users may result in:

  • Account suspension or termination
  • Reporting to the NFIU and other authorities
  • Legal action

Non-compliance by staff may result in disciplinary action up to and including termination and referral to authorities.

Contact

If you have any questions or concerns about these policies, please contact us at:

  • Email: compliance@fidemit.com
  • Address: FidemIt Escrow