1. Introduction
‍
This Anti-Money Laundering (“AML”) Policy outlines the principles and practices adopted by SIA QUANTARA, a company incorporated in Estonia and operating the website https://paytrust.io (“we”, “us”, or “our”), in relation to the prevention of money laundering, terrorist financing, and other forms of financial crime.
‍
We operate as a technical service provider offering payment gateway technology and infrastructure solutions. We do not engage in regulated financial or payment institution activities, do not hold or transfer client funds, and do not onboard end users through the Website. Our role is strictly limited to the provision of software and technological interfaces that enable clients to manage and process payments through third-party acquiring, banking, or payment service providers.
‍
Nonetheless, we recognize that the misuse of technical services can facilitate unlawful activity, and we are committed to aligning our business practices with international standards of transparency, due diligence, and regulatory cooperation. This Policy reflects our proactive approach to compliance and ethical business conduct, consistent with:
‍
- The Estonian Money Laundering and Terrorist Financing Prevention Act;
- The EU Anti-Money Laundering Directives (AMLDs);
- Recommendations of the Financial Action Task Force (FATF);
- Applicable sanctions regimes, including those of the EU, UN, and OFAC.2.

Scope of the Policy
‍
This AML Policy applies to:
- SIA QUANTARA as the operator of PayTrust.io and provider of technical processing services;
- All Website-based interactions and communication channels through which individuals or businesses may inquire about our services;
- Preliminary commercial discussions or technical evaluations with potential clients or partners.
‍
Given our business model, AML obligations and risk mitigation practices focus on:
- Evaluating the nature and legitimacy of business inquiries;
- Ensuring we do not engage in business relationships with entities involved in high-risk or prohibited activities;
- Preventing the misuse of our name, platform, or software in schemes that may involve the laundering of illicit funds.
‍
Should we progress to formal business engagements, we reserve the right to apply risk-based Customer Due Diligence (CDD) and Know Your Customer (KYC) procedures to our clients, tailored to the nature of the services provided and in line with applicable legal obligations.
‍
3. What Is Money Laundering?
‍
Money laundering is the process of disguising the origin of illegally obtained funds to make them appear legitimate. It typically involves a series of complex financial transactions that obscure the source, ownership, or control of the funds.
‍
The process is commonly divided into three stages:
- Placement: Introducing illicit funds into the financial system (e.g., depositing cash into banks, purchasing assets or services).
- Layering: Obscuring the trail of the funds through a series of transactions, such as transfers between accounts or jurisdictions.
- Integration: Reintroducing the now-laundered funds into the legitimate economy through seemingly lawful transactions.

As a technical gateway provider, we do not process or handle funds directly. However, we acknowledge that the technology we provide could, in theory, be exploited by users with illicit intent if proper controls are not in place. For this reason, we adopt a preventative stance and implement safeguards to ensure that our infrastructure is not made available to suspicious or unlawful actors.

4. Prohibited Activities
‍
We strictly prohibit any use of our technology, services, website, name, or brand for purposes that may involve:
- Concealing or disguising the proceeds of criminal conduct;
- Facilitating the movement of funds associated with terrorism, organized crime, or sanctioned entities;
- Assisting in the evasion of international economic sanctions or regulatory restrictions;
- Circumventing financial due diligence, licensing, or reporting requirements;
- Engaging in fraudulent schemes, identity theft, or unauthorised access to payment channels;
- Misrepresenting the nature, purpose, or beneficiaries of transactions processed through our infrastructure;
- Offering our services to shell banks, anonymous entities, or high-risk jurisdictions identified by the FATF or EU.
‍
If we identify or suspect that a person or entity is attempting to misuse our Website or services for any of the above-listed activities, we reserve the right to immediately terminate any communications, suspend discussions, and, where appropriate, report such activity to the relevant authorities.
‍
5. Customer Due Diligence (CDD) & Know Your Customer (KYC)
‍
As a provider of technical payment gateway services, we do not offer financial services to the public, nor do we onboard individual end-users. However, when entering into formal business relationships with commercial clients, especially those operating in high-risk sectors or jurisdictions, we may carry out appropriate Customer Due Diligence (CDD) measures.
‍
These measures may include:
- Verifying the legal existence and registration status of a potential client;
- Identifying the beneficial owners and authorized representatives of the business;
- Collecting relevant corporate documents, such as certificates of incorporation, shareholder registers, and directors’ IDs;
- Requesting information about the source of funds and nature of intended transactions;
- Screening against international sanctions lists, adverse media, and politically exposed persons (PEP) databases.
‍
Risk-Based Approach
‍
Where the prospective client operates in a higher-risk industry (e.g., crypto, gambling, offshore finance) or is located in a jurisdiction identified as high-risk by the FATF, we may apply Enhanced Due Diligence (EDD) measures. These may involve additional documentation, background checks, or independent verification of information.
‍
We reserve the right to decline any business engagement if the client fails to meet our CDD requirements or if, at our sole discretion, we consider the engagement inconsistent with our risk appetite or compliance principles.

6. Monitoring and Reporting
‍
While we do not process financial transactions or maintain user accounts through the Website, we retain the right to evaluate and monitor incoming business inquiries, especially when they involve commercial engagements for technical integration or long-term cooperation.
‍
In the context of actual client relationships:
- We may periodically review the activities and documentation of clients to ensure ongoing compliance with our AML standards.
- We may request updated information to maintain accurate records, particularly where changes occur in ownership, control, or business activities.
‍
Suspicious Activity
‍
If we identify indicators of potentially unlawful conduct — such as attempts to conceal ownership, use of forged documents, or inconsistencies in provided information — we reserve the right to:
- Terminate ongoing discussions or cooperation without prior notice;
- Restrict access to any sandbox or demo environments (if applicable); and
- Report such activities to the relevant law enforcement or regulatory authorities in accordance with applicable Estonian or EU law.

We will not engage in any relationship, directly or indirectly, that could compromise our compliance obligations or expose our infrastructure to misuse.

7. Sanctioned Countries and Restricted Jurisdictions
‍
To maintain compliance with international regulations and to reduce the risk of facilitating unlawful financial activity, we do not engage in business discussions, partnerships, or integrations with individuals or entities that are:
‍
- Located in or operating from countries subject to comprehensive international sanctions (e.g., those imposed by the European Union, United Nations, or OFAC – U.S. Office of Foreign Assets Control);
- Listed on any global sanctions lists, including but not limited to EU Consolidated Sanctions List, OFAC SDN List, and UN Sanctions List;
- Operating in high-risk jurisdictions identified by the Financial Action Task Force (FATF) as having strategic deficiencies in their anti-money laundering regimes;
- Associated with activities known to involve terrorist financing, proliferation of weapons, trafficking, or corruption.
Our internal procedures include screening potential clients or partners against these sanctions and watchlists prior to initiating any formal engagement.
‍
We reserve the right to:
- Decline any business inquiry or terminate communications where we identify a connection to a sanctioned jurisdiction or listed entity;
- Avoid partnerships with intermediaries attempting to obscure the true origin or location of clients;
- Update our list of restricted jurisdictions in accordance with evolving regulatory and geopolitical developments.

8. Record Retention
‍
While the Website does not collect user financial data or host transactions, any corporate information submitted during early-stage commercial discussions (e.g., company profiles, pitch materials, or onboarding questionnaires) may be retained for internal risk assessment purposes.
‍
Where a commercial relationship is established, we will retain:
- Identification and verification documents;
- Copies of communications and agreements;
- Risk assessments and due diligence records.
‍
These records are retained for a minimum period of five (5) years following the end of the business relationship or from the date of the last transaction, whichever is later. This is in accordance with the Estonian Money Laundering and Terrorist Financing Prevention Act and other applicable regulations.
‍
Data is stored securely and is only accessible to authorized personnel. Upon expiry of the retention period, data is either deleted or anonymized unless further retention is legally required (e.g., due to an ongoing investigation or audit).

9. Policy Updates
‍
We reserve the right to revise or update this AML Policy at any time to reflect changes in applicable laws, regulatory requirements, industry practices, or the nature of our business operations.

All updates will be posted on this page with the revised “Last Updated” date. Significant changes may also be communicated through additional channels where appropriate.

We encourage you to review this AML Policy periodically to stay informed about how we help prevent the misuse of our services in connection with money laundering, terrorism financing, or other unlawful activity.

Continued use of our Website and communication with our Company following any changes to this Policy constitutes your acknowledgment and acceptance of the updated terms.

10. Contact
‍
If you have any questions, concerns, or reports relating to this AML Policy, or if you suspect any misuse of the Website or our name in connection with suspicious activity, please contact us at:
‍
‍SIA QUANTARA
Mazā Krasta iela 35 - 10, LV-1003, Rīga
Republic of Estonia
Email: info@paytrust.io