ZonkeApp AML & Fraud Prevention Policy

1. Introduction

ZonkeApp (Pty) Ltd ("ZonkeApp", "we", "us", or "our") is a South African fintech company offering digital payment and financial services. As a responsible financial services platform, ZonkeApp is committed to preventing money laundering, terrorist financing, fraud, and related financial crimes. This Anti-Money Laundering (AML) & Fraud Prevention Policy outlines our controls and processes in line with:

● The Financial Intelligence Centre Act (FICA)

● The Protection of Personal Information Act (POPIA)

● The Prevention of Organised Crime Act (POCA)

● The Prevention and Combating of Corrupt Activities Act (PRECCA)

● Guidelines issued by the Financial Intelligence Centre (FIC)

● Relevant international AML/CFT standards including FATF (Financial Action Task Force)

2. Objectives

The objectives of this policy are to:

● Detect, prevent, and report potential money laundering and terrorist financing activities

● Protect ZonkeApp, its partners, and customers from fraud and reputational harm

● Comply with all legal and regulatory obligations as an accountable institution under FICA

● Promote transparency, integrity, and trust in all financial transactions

3. Scope

This policy applies to:

● All ZonkeApp employees, agents, contractors, and merchants

● All users of ZonkeApp's financial and payment services

● All transactions conducted via ZonkeApp platforms and integrations

4. Definitions

● Money Laundering: The process of disguising the proceeds of crime as legitimate funds.

● Terrorist Financing: Providing funds with the intention that they be used for terrorist activities.

● Fraud: Intentional deception for personal or financial gain.

● Customer Due Diligence (CDD): The process of verifying the identity of customers.

● Politically Exposed Person (PEP): An individual who holds a prominent public position or function.

5. Governance and Oversight

5.1 Compliance Officer

ZonkeApp has appointed a FICA Compliance Officer, responsible for:

● Overseeing implementation of AML/CFT controls

● Ensuring regulatory reporting to the Financial Intelligence Centre (FIC)

● Managing suspicious transaction monitoring

● Training staff on AML obligations

5.2 Internal Reporting

Employees and partners must report suspicious activity immediately to the Compliance Officer. Failure to report is a criminal offense under FICA.

6. Risk-Based Approach (RBA)

ZonkeApp adopts a risk-based approach to AML, where customers, merchants, and transactions are categorized into risk levels:

7. Customer Due Diligence (CDD) & KYC

7.1 Individual Users

● Full name, ID number, address, phone number, email

● Copy of SA ID or passport

7.2 Business/Merchant Clients

● Company registration documents (CIPC)

● Director IDs and contact details

● Proof of address

● VAT and tax clearance certificates (where applicable)

7.3 Enhanced Due Diligence (EDD)

Required for:

● High-risk customers

● PEPs

● International clients

● Unusual transaction patterns

EDD includes verifying source of funds and conducting background checks.

8. Transaction Monitoring

All transactions on ZonkeApp are monitored using automated systems and manual reviews to detect:

● Structuring or smurfing (splitting large transactions into smaller ones)

● Rapid movement of funds with no clear business rationale

● High-volume or high-frequency transactions inconsistent with customer profile

● Suspicious locations, devices, or IP addresses

ZonkeApp flags transactions based on pre-defined rules and reviews them accordingly.

9. Suspicious Transaction Reporting (STR)

Any activity that appears suspicious must be reported to the Financial Intelligence Centre (FIC) through the Compliance Officer. This includes:

● Large cash deposits or withdrawals without clear purpose

● Transactions inconsistent with known customer behavior

● Refusal by the customer to provide requested KYC or source of funds

No customer must be notified when an STR has been filed (known as tipping off, which is illegal under FICA).

10. Sanctions Screening

ZonkeApp screens customers and partners against:

● United Nations Sanctions Lists

● South African Government Sanctions

● OFAC (U.S. Treasury) Lists

● Other watchlists as advised by regulators

Engagement with sanctioned individuals or entities is strictly prohibited.

11. Record Keeping

ZonkeApp will maintain records of:

● All KYC/CIP documents

● Transaction histories

● STRs and internal reports

● Customer interactions and due diligence activities

Records will be kept for at least five (5) years from the date of the last transaction or termination of the relationship, as required by FICA.

12. Employee Training

All staff, agents, and partners undergo regular AML & Fraud Awareness Training, covering:

● Understanding red flags

● KYC/CIP procedures

● Reporting suspicious activity

● Legal obligations under FICA and POCDATARA

13. Fraud Prevention

ZonkeApp implements:

● Real-time fraud detection tools

● Multi-factor authentication (MFA)

● Geo-location and device fingerprinting

● Velocity and pattern detection on transaction behavior

We maintain a zero-tolerance policy for internal or external fraud and will pursue legal action in confirmed cases.

14. POPIA Compliance

ZonkeApp ensures all personal data collected for AML purposes is:

● Collected lawfully and with purpose

● Processed securely and only for the duration needed

● Not shared without customer consent, unless required by law

● Handled according to ZonkeApp's Privacy Policy

15. Review and Audit

This policy is reviewed at least annually, or more frequently as required by:

● Changes in laws and regulations

● Internal audits

● Regulator feedback

16. Breaches and Penalties

Failure to comply with this policy may result in:

● Disciplinary action (for staff or agents)

● Termination of services (for customers or merchants)

● Reporting to law enforcement or the Financial Intelligence Centre

● Civil or criminal penalties as allowed by South African law

17. Contact Details for Reporting

Compliance Officer:
Name: Mr. Ntokozo Mdlalose CA(SA)
Email: ntokozo@zonkeapp.com