Anti-Money Laundering & Anti-Bribery and Corruption Policy
Modem Pay's framework for preventing financial crimes and ensuring regulatory compliance across our payment gateway and virtual debit card services.
Last updated: August 26, 2025
1. Policy Statement and Commitment
Modem Pay operates as a payment gateway service provider facilitating electronic payments through our platform and Echo virtual debit card services. We are committed to preventing our services from being used for money laundering, terrorist financing, or other illicit activities; maintaining strict anti-bribery and corruption standards in all business operations; complying with all applicable AML/CTF laws and regulations; cooperating fully with law enforcement and regulatory authorities; implementing robust due diligence and monitoring procedures; and training our employees and educating our partners on compliance requirements.
2. Regulatory Framework and Compliance
Our AML/CFT and Anti-Bribery program complies with the Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) Act — covering record keeping, reporting, and customer due diligence under Gambian law; Central Bank of The Gambia (CBG) Guidelines for licensing, governance, and compliance obligations; the Proceeds of Crime Act; Bribery and Corruption laws of The Gambia; Data Protection and Consumer Protection frameworks; and FATF recommendations and other international standards. As a payment services provider, Modem Pay is subject to oversight by the Central Bank of The Gambia and other competent Gambian authorities, and we align our operations with both local regulatory requirements and international compliance standards.
3. Customer Due Diligence (CDD) Program
For individual customers (Echo users) we require government-issued photo identification, address verification, and identity verification through third-party services. For business customers (merchants) we require business registration and licensing documentation, beneficial ownership identification (25% or greater ownership), principal officer and authorized representative verification, business bank account verification, industry risk assessment, and enhanced due diligence for high-risk business categories. Enhanced due diligence is required for high-risk customers based on geography, industry, or transaction patterns; Politically Exposed Persons (PEPs) and their associates; customers from high-risk jurisdictions; businesses in cash-intensive industries; customers with complex ownership structures; and any customer triggering suspicious activity alerts.
4. Transaction Monitoring and Reporting
All transactions are screened in real-time against known high-risk individuals and entities per Gambian AML/CFT regulations. Algorithms identify unusual transaction activity indicative of fraud or money laundering. Velocity monitoring triggers alerts for transactions exceeding typical patterns or account limits. Enhanced monitoring applies to transactions involving high-risk jurisdictions, with cross-platform analysis across all Modem Pay services. Suspicious Transaction Reports (STRs) are filed within 30 days of initial detection for transactions involving known or suspected criminal activity. Large Value Transaction Reports (LVTRs) are filed for transactions exceeding thresholds set by the Central Bank of The Gambia. Transaction controls include wallet and account limits based on verification level, merchant processing limits set by business type and risk profile, daily/weekly/monthly velocity controls, and geographic restrictions blocking transactions from prohibited jurisdictions.
5. Sanctions Screening and Compliance
All customers are screened against sanctioned individuals and entities as required under Gambian law and CBG guidelines. We conduct real-time screening of all payment transactions, regular re-screening of the existing customer base, screening against international sanctions lists including UN and EU, and use fuzzy matching algorithms to identify name variations and aliases. Prohibited activities include processing payments to or from sanctioned individuals or entities, facilitating transactions involving prohibited jurisdictions, processing payments for illegal activities including weapons and nuclear materials, and providing services to blocked persons or their associates.
6. Anti-Bribery and Corruption Program
Modem Pay maintains a zero-tolerance policy toward bribery and corruption in all forms. This includes prohibition of bribes, kickbacks, or improper payments to any party; restrictions on gifts, entertainment, and hospitality; transparent business partner and vendor selection; clear guidelines for dealing with government officials; and regular integrity assessments of business relationships. Third-party risk management includes background checks on key partners, anti-corruption certifications, regular compliance assessments, contractual compliance obligations, transaction pattern analysis, and incident reporting mechanisms.
7. Risk Assessment and Management
High-risk indicators include cash-intensive businesses, customers from high-risk geographic locations, Politically Exposed Persons, complex corporate structures with unclear beneficial ownership, industries prone to money laundering such as casinos and precious metals, and customers with previous regulatory violations. Medium-risk indicators include high-volume transaction businesses, international transaction processing, new business relationships without established history, and businesses in regulated industries. Low-risk indicators include established businesses with transparent operations, domestic transactions in stable jurisdictions, and customers in low-risk industries with predictable patterns.
8. Training and Awareness Program
All new employees receive comprehensive AML/ABC training upon joining. Annual refresher training covers updated regulations and procedures. Role-specific training is provided for customer-facing and compliance staff. Training covers money laundering typologies and trends, customer identification and verification, transaction monitoring and suspicious activity detection, sanctions screening procedures, anti-bribery and corruption policies, record keeping and reporting requirements, privacy and confidentiality obligations, and regulatory updates and industry best practices.
9. Governance and Oversight
Our compliance organization includes a Chief Compliance Officer responsible for the overall compliance program, a dedicated AML Officer responsible for AML program implementation, a cross-functional Compliance Committee overseeing compliance initiatives, and regular board-level reporting on compliance matters. The program is subject to annual independent testing of AML/ABC program effectiveness, regular internal audits of compliance procedures, external audit and regulatory examination preparation, and continuous improvement based on audit findings.
10. Record Keeping and Documentation
We maintain customer identity verification documents and beneficial ownership information; transaction records including payment instructions and logs; monitoring records including alert investigations and risk assessments; employee training completion and competency assessments; and independent testing results and corrective action plans. All records are retained for 5 years: customer identification records from account closure, transaction records from transaction date, SAR records from filing date, and training and audit records from completion date.
11. Incident Response and Reporting
Internally, suspicious activities are immediately escalated to the compliance team with detailed documentation. Regular reporting is made to senior management and the board of directors. Whistleblower protection and anonymous reporting channels are available. External reporting obligations include Suspicious Transaction Reports (STRs) filed with the Central Bank of The Gambia within required timeframes, immediate reporting of any detected sanctions violations to the CBG, timely notification to other relevant Gambian authorities as required, and full cooperation with law enforcement investigations and official requests.
12. Technology and Data Security
Our compliance technology infrastructure includes real-time transaction monitoring systems for suspicious activity detection, automated sanctions screening against Gambian and international watchlists, comprehensive case management and investigation tools, automated customer risk scoring and profiling, and streamlined STR and large-value transaction filing systems. All sensitive compliance and customer data is protected with bank-grade encryption. Access controls and audit trails are maintained for all compliance information. Regular security assessments and vulnerability testing are conducted, and data retention and destruction procedures follow Gambian regulations. This policy is reviewed annually and updated as necessary to reflect changes in regulations, business operations, and industry best practices. All employees, customers, and business partners are expected to comply with these requirements.