POLICY OF ANTI-MONEY LAUNDERING AND COUNTERING THE FINANCING OF TERRORISM

PART I - IDENTIFICATION

1. OBJECTIVE

The Corporative Policy of Anti-Money Laundering and Countering the Financing of Terrorism and Concealment of Assets, Rights and Values in Operations (“Policy”) of Neon Pagamentos S.A. - Instituição de Pagamento (“Neon”), aims to define guidelines and rules that need to be observed by all, purposing the alignment of operations with legal and regulatory requirements, as well as best practices pertaining to Money Laundering, Financing of Terrorism, and Concealment of Assets, Rights and Values crimes.

2. SCOPE

Every employee, partner, supplier and third party has the responsibility to know and comprehend the terms of this Policy terms and seek prevention and detection of operations or transactions that have atypical characteristics to combat Money Laundering, Financing of Terrorism, and Concealment of Assets, Rights and Values crimes.

After approval by directors, this Policy should be widely disseminated internally. All employees are obligated to review the concepts of this Policy when annually attending the AML/CFT training (see item II.8).

3. GLOSSARY

Money Laundering: Criminal activities that aim to convert illegal money into legal money, in other words, it is the process by which the criminal transforms illicit resources into apparently legal resources by hiding the nature, origin, localization, disposition, movement or ownership of assets, rights or values derived, directly or indirectly, of a criminal offence.

Financing of Terrorism: It consists in collecting funds/capital to carry out a terrorist activity. This capital can be donated or obtained in legal or illegal activities, such as drug trafficking, prostitution, organized crime, smuggling, extorsion, kidnap, fraud etc.

Corruption: Suggest, offer, submit, request, accept or receive, directly or indirectly, undue advantages for public agents or third sector organizations.

Politically Exposed Person (PEP): Public agents who occupy or have occupied in the past 5 years, in Brazil or other countries, a public position or function in relevant public entities, as well as their representatives, family or other people with a close relationship. Furthermore, there are some situations that characterize a close relationship, and consequently the client can be considered a Politically Exposed Person, as direct or indirect company control of a client.

Final Beneficiary: Person that, directly or indirectly, owns, controls or has significant influence over the company structure. Exceptions to this rule are listed companies or non-profit organizations and the cooperatives, for which the information collected should encompass private individuals authorized to represent them, , as well as the controllers, administrators, executive directors, if applicable.

Shell Bank: Bank established in a jurisdiction in which there is no physical company and it is not integrated in a regulated financial group.

Institution: Neon Pagamentos S.A.

Controlled Company: Third Party Asset Manager (Neon Investimentos S.A.).

COAF: The Financial Activities Control Counsel, with the mission to produce financial intelligence and promote the financial sector’s protection against money laundering and financing of terrorism. COAF receives, examines and identifies suspicious occurrences of illegal activities and communicates the competent authorities to initiate procedures.

4. COMPETENCE APPROVAL

  • AML/ CFT manager, responsible for this policy management;
  • Head of Risk Operation and Compliance, responsible for the review
  • Statutory Directors, responsible for AML/ CFT;
  • Risk Operation and Compliance Committee, responsible for this policy approval.

5. NEON’S VALUES

INCREDIBLE AND HIGH PERFORMANCE

We deliver solutions for our clients with innovation, simplicity, and that extra something that makes all the difference. We are result-oriented to ensure the best experience for our clients.

TALENTED AND COLLABORATIVE

We are protagonists of our development, always seeking to improve our knowledge and abilities to deliver the best work to our clients. We spare no efforts to share information and help our colleagues. Here, we go by the motto one for all and all for one!

FUNNY AND RESPONSIBLE

We work in a light and relaxed way, but also with a lot of responsibility and focus on our commitments and results. We take responsibility for our work and company, after all, Neon is ours!

6. CONDUCT CODE PRINCIPLES

Honesty - We act according to what is fair, honest and upright.

Responsibility - We act seriously, know our obligations and are accountable for our actions.

Respect - We act considering customers, suppliers, employees, facilities and means of work, the community where we operate and the environment.

Our principles of conduct are detailed in the Neon Code of Conduct.

PART II – CONTENT

1. INTRODUCTION

Neon will evaluate the products and services offered considering the risk of improper use of the products and services for Money Laundering, Financing of Terrorism, and Concealment of Assets, Rights and Values in Operations, taking the necessary precautions to mitigate such risks. This Policy will identify the Money Laundering and Financing of Terrorism concepts, steps and characteristics of people and products susceptible of this crime.

This Policy strengthens the commitment of the whole organizational structure, business departments being the first line of defense or the Risk and Compliance department being the second line of defense.

2. ROLES AND RESPONSIBILITIES

The entire organizational structure has specific attributions in combating Money Laundering and Terrorism Financing, as described below.

2.1. RISK AND COMPLIANCE COMMITTEE

Deliberative and control committee, with deliberative powers, composed of Neon professionals, with the following responsibilities:

  • Deliberate applicable guidelines to Anti-Money Laundering and Countering the Financing of Terrorism covered in this Policy;
  • Submit proposals to the Board for the adoption of or changes to policies applicable to this topic;
  • Be aware of the attributions for the operational departments directly affected by AML/CFT rules, with the designation of the related responsibilities;
  • Monitor the effectiveness of activities and actions related to AML/CFT;
  • Ensure compliance with all rules and procedures established in the Policy and manuals related to AML/CFT;
  • Analyze the reports and communications issued by regulatory and self-regulatory entities, by the external audit, determining the actions and measures necessary to attend to the demands;
  • Decide on the hiring of specialized professional services, investments in control systems and technology, when deemed convenient;
  • Decide on the internal regulations of the commissions subordinated to this committee.

2.2. AML/CFT RESPONSIBLE DIRECTOR

  • Implement and monitor the execution of this Policy,other rules and their respective updates.
  • Comply with the determinations of the regulatory entities concerning AML/CFT issues.

2.3. ANTI-MONEY LAUNDERING

  • Apply and update the policies and regulations relevant to the prevention and combat of Money Laundering and Terrorism Financing crimes;
  • Ensure compliance with legislation, rules, regulations and internal policies that control the prevention and combat against Money Laundering and Terrorism Financing;
  • Disseminate and promote the culture of preventing and combating the Money Laundering and Terrorism Financing crimes;
  • Develop and implement tools and processes to support strategies for the corporate program of Money Laundering and Terrorism Financing prevention;
  • Monitor, identify and treat transactions carried out by clients encompassed by the monitoring rules in order to minimize operational, legal and image risks;
  • Establish processes and procedures for identifying, monitoring and analyzing suspicious money laundering and terrorist financing activities and/or operations;
  • Previously analyze new products and services, from the perspective of Anti-Money Laundering;
  • Prepare and make available for management, external and regulatory audits, reports and records of regulatory obligations related to AML/CFT, complying with the regulatory deadline;
  • Provide periodic training programs to ensure that all employees are properly oriented and updated regarding their obligations and responsibilities according to applicable regulations;
  • Maintain controls to ensure that all employees are trained annually;
  • Adopt controls regarding the knowledge of employees at their onboarding.

2.4. INTERNAL CONTROLS AND OPERATIONAL RISK

  • Identify, measure, monitor operational risk and report to the AML department if any atypically is identified;
  • Implement controls to prevent the risk of Money Laundering and Terrorism Financing;
  • Review and evaluate the efficiency regarding the implementation and controls of the AML/CFT Policy.
  • Accomplish effectiveness assessment tests within regulatory deadlines in specific reports.

2.5. CUSTOMER REGISTRATION

It is the responsibility of the Customer Registration department to comply with all the precepts contained in this Policy, with special attention to:

  • Define procedures for identifying and obtaining registration data aiming at the identification of the customer as well as ensuring regulatory compliance;
  • Define controls for validating registration data informed by customers;
  • Ensure that the customer's registration complies with the Federal Revenue status;
  • Consult the Compliance department when there is a suspected irregularity or doubt about the procedure to be adopted for the proper treatment of the process.

2.6. EMPLOYEES

It is the responsibility of all employees, even in the position of intern or third party, and partners:

  • Report any proposals, operations or situations considered atypical or suspicious;
  • Act with diligence and probity in supporting the AML department regarding requests for products, services and operations to ensure the application of the parameters and controls established in this Policy;
  • Disseminate the culture of Anti-Money Laundering and Countering Financing of Terrorism;
  • Comply with the Board determinations to act in the prevention of Money Laundering and Combating the Financing of Terrorism;
  • Finish the training and update seminars on Anti- Money Laundering and Combating Financing of Terrorism.

3. MONEY LAUNDERING CRIME STEPS

The process of laundering money typically involves three steps: placement, layering, and integration.

  • Placement – the criminal introduces the money obtained illegally into the legitimate financial system, through deposits, acquisition of negotiable instruments or consumer products. It is the removal of money from the location in which it was illegally acquired and its inclusion, for example, in the financial market.
  • Layering – it is the moment that the agent carries out suspicious transactions that characterize the crime of money laundering. In this phase, several complex transactions are carried out to disassociate the illegal source of money;
  • Integration – when the illegal resource definitively integrates the economic and financial system. From this moment on, the money receives a legal appearance.

4. RISK-BASED APPROACH

Neon adopts a risk-based approach stipulated by the verification of categories and variables. This action ensures that the measures adopted to prevent or reduce the money laundering and financing of terrorism crimes are proportional to risks identified during the relationship acceptance, monitoring or maintenance processes.

In order to mitigate subjectivity, the methodology stipulates that the customer will have a risk rating defined by an algorithmic model according to categories: Customer, Transaction and Product.

Our Internal Risk Assessment considers all costumers whose account was approved, excluding only those costumers that the opening account was disapproved, therefore, without any relationship with Neon.

For socio-environmental crimes, the risk classification logic is based on the repercussion of the image risk.

The Internal Risk Assessment and the reviews need to be approved by the Statutory Director responsible for AML/FT and forwarded to the Risk Committee and the Board of Director.

5. IDENTIFICATION

5.1. CUSTOMER IDENTIFICATION- KNOW YOUR CLIENT

It is a set of actions to establish mechanisms to ensure the identification, economic activity, origin and constitution of assets and financial resources of clients, encompassing collection, update and storage of registry data, including specifics procedures to identify the final beneficiary and Politically Exposed Persons.

Neon adopts, as the main way of registering the client, the electronic costumer identification form. The Customer Registration department is responsible for the analysis, registry of information and identification documents of costumers with whom the institution maintains a relationship.

In case the client is classified as a high risk, a more detailed diligence is made in the process. This diligence aims to identify the institution’s costumers and verify the relevant information to keep business and transactions, reducing the risk of digital financial crimes.

5.2. KNOW YOUR EMPLOYEE

It is a group of rules, procedures and controls that must be adopted for selection and monitoring of the reputation, to avoid relationships with people involved in illegal acts.

5.3. KNOW YOUR SUPPLIER

It is a set of rules, procedures and controls that should be adopted for supplier identification and acceptance, aiming to prevent the hiring of disreputable companies or those suspected of involvement in illegal activities. For those that represent a bigger risk, complementary procedures and specific approval levels must be adopted, according to the criticality of the notes or exceptions.

5.4. KNOW YOUR PARTNER

It is a group of rules, procedures, and controls that should be adopted for identification and acceptance of commercial partners, aiming to prevent business with disreputable parties or those suspected of involvement in illegal activities, as well as ensuring that they have adequate AML/CFT procedures, when applicable.

The Compliance department participates in the Products Committee to evaluate AML/CFT aspects of the new products and services with the main goal to reduce regulatory risk and the risk of these products being used for money laundering or financing of terrorism crimes.

5.5. NEW PRODUCTS AND SERVICES EVALUATION

AML/CFT department participate of Products Committee to previously evaluate from a AML/CTF perspective the new products and services with the objective of mitigating regulatory risks and the risk of these products being used to commit laundering money crimes and/or terrorist financing.

6. TRANSACTION MONITORING

The AML department is responsible for operation-monitoring routines and identification of signs of Money Laundering and Financing of Terrorism. Monitoring is carried out through a system that has an interface with internal systems that collect registration, operational and financial information from customers, through parameterization of rules. Once the occurrence is generated, the AML department should analyze the client profile and operations to confirm if they are evidences of Money Laundering and Financing of Terrorism.

As a result of any identification of suspicions of Money Laundering or Financing of Terrorism by clients, Neon can choose to end the commercial relationship.

7. REPORT OF SUSPICIOUS TRANSACTIONS TO REGULATORY ENTITIES

The operations, situations or proposals with signs of Money Laundering or Financing of Terrorism must be reported to regulatory entities, when applicable, as per legal and regulatory determinations.

Reports made in good faith do not entail civil or administrative liability to Neon, its managers or employees. The report information is confidential and cannot be disclosed to clients or third parties.

The report deadline is one business day after its approval.

8. TRAINING

Through an online system, all the employees and shareholders have access to training that aims to review the concepts of this Policy and encourage the adoption of applicable measures in face of suspicions of Money Laundering and Financing of Terrorism.

Annually, the AML department reviews the materials, and all are required to undergo a new training. In addition, during the onboarding, new employees need to finish this online training.

9. TERMINATION OF RELATIONSHIP

As a result of any evidence of Money Laundering or Financing of Terrorism by the clients is identified, Neon can choose to terminate the relationship, as well as report the evidences to Regulatory Entities, according to competence for deliberation.

10. MAINTENANCE OF INFORMATION AND RECORDS

Documents referring to transactions must be stored for a minimum period of 10 years from the closure of the account or the conclusion of the last transaction carried out by the customer.

11. CONFIDENTIALITY OF INFORMATION

All the information related to suspicion of Money Laundering and Financing of Terrorism are confidential, and should not be, in any case, made available to the involved parties.

The reports of suspicious cases regulated by Central Bank Rule No. 4001/20 (Circular BCB 4001/20) are for the exclusive use of the Regulatory Entities, for analysis and investigation.

12. EXCEPTIONS AND APPLICABLE PENALTIES

For cases of exception to the rules of this Policy, the applicant should present the exception request with respective grounds to the Board, and its approval should be carried out by, at least, two directors of this Policy.

The breach of the legislation and regulatory rules submits employees and shareholders to sanctions, which could be administrative penalties or criminal penalties, for Money Laundering, Financing of Terrorism and Fraud.

Negligence or voluntary failure are considered a breach of this Policy and the Ethics and Conduct Codes, leading to application of disciplinary measures provided for in internal regulations.

13. REFERENCES

NORMS RELATED

  • Law No. 9,613/98, as amended by Law No. 12,683/12; CVM Instruction nº 301/99 altered by ICVM 617/20
  • CVM Instruction nº 301/99, amended by ICVM 617/20 – REVOKED on 08/31/2020 by CVM Resolution nº 50;
  • Central Bank Rule No. 3,461/09(Circular BCB nº 3.461/09) – REVOKED on 2020/10/01 through Central Bank Rule No. 3,978/20 (Circular BCB nº 3.978/2020);
  • Central Bank Rule No. 3,542/12 (Carta-Circular BCB nº 3.542/12) – REVOKED on 2020/10/01through Central Bank Rule No. 4,001/20 (Circular BCB nº 4.001/2020);
  • Central Bank Resolution nº 44 of 11/24/2020;
  • Financial Activities Control Council (COAF) and Financial Action Group Recommendations (GAFI).
  • COAF Resolution nº 6 of 03/10/2021;
  • COAF Resolution nº 36 of 03/10/2021;
  • COAF Resolution nº 40 of 11/22/2021;
  • COAF Resolution nº 50 of 08/31/2021;
  • Anti-Corruption Law nº 12.846/13;
  • Financial Assets Blockade Law nº 13.170/2015;
  • Anti-Terrorism Law nº 13.260/2016

INTERNAL DOCUMENTS

  • Conduct Code (PC – 014);
  • Detection, Analysis and Communication Manual for AML (MO – 003).