ANTI–MONEY LAUNDERING & COUNTER–TERRORIST FINANCING POLICY
Fraud & Financial Crime Prevention
Purpose
The purpose of this framework is to establish how Octapex identifies, prevents, detects, and responds to financial crime risks, including fraud, money laundering, terrorist financing, and misuse of financial systems.
We aim to maintain a secure, transparent, and compliant operating environment that protects our users, partners, and the integrity of the broader financial ecosystem.
Scope
This framework applies to all users of the Octapex platform, as well as all products, services, and transactions facilitated by the Company.
It also extends to employees, officers, and any individuals acting on behalf of Octapex, ensuring that financial crime controls are embedded across all operational and decision-making processes.
Regulatory Compliance
Octapex operates as a registered Money Services Business in Canada and complies with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA).
Our controls and procedures are aligned with the expectations of the Financial Transactions and Reports Analysis Centre of Canada and applicable regulatory guidance relating to anti-money laundering and counter-terrorist financing.
Where applicable, we also consider broader financial crime and market integrity obligations under relevant laws and regulatory frameworks.
Governance and Accountability
Octapex maintains a defined governance structure to oversee financial crime risk management.
Responsibility for the effectiveness of the framework ultimately rests with senior management, while day-to-day oversight is performed by the Compliance function. A designated Money Laundering Reporting Officer (MLRO) is responsible for assessing suspicious activity and determining whether regulatory reporting obligations are met.
Clear separation of responsibilities ensures independence in decision-making and alignment with regulatory expectations.
Risk-Based Approach
Our framework is built on a risk-based methodology that assesses exposure across the full lifecycle of the customer relationship.
Customer due diligence is conducted at onboarding and maintained on an ongoing basis. As part of this process, we perform sanctions screening and politically exposed person (PEP) checks, both at onboarding and periodically thereafter.
Where higher-risk indicators are identified, such as unusual transaction patterns, cross-border exposure, or complex activity - enhanced due diligence measures are applied. This ensures that controls remain proportionate and responsive to evolving risks.
Fraud Prevention and Platform Security
Octapex implements a combination of technical safeguards and operational controls to protect against account compromise, unauthorized access, and transactional fraud.
Security measures include multi-factor authentication, monitoring of login and device behaviour, and detection of anomalies that may indicate suspicious activity. Transaction controls and internal review mechanisms are used to identify and mitigate irregular or high-risk activity.
Monitoring, Detection, and Investigation
All platform activity is subject to ongoing monitoring using automated systems and internal review processes.
Alerts generated through monitoring are assessed by the Compliance function and escalated where necessary. Investigations may involve multiple internal teams, depending on the nature and severity of the activity.
Where a credible risk is identified, Octapex may apply appropriate measures, including account restrictions, enhanced verification, or further investigation.
Reporting and Cooperation
Where required under applicable law, Octapex reports suspicious activity to the Financial Transactions and Reports Analysis Centre of Canada.
The Company cooperates with regulatory authorities and law enforcement agencies and may provide relevant information in accordance with its legal obligations.
Market Integrity
Octapex monitors platform activity to ensure a fair and orderly environment and to detect potential misuse or manipulation.
Where concerning behaviour is identified, appropriate measures may be taken to protect the integrity of the platform and its users.
Record Keeping
Octapex maintains records relating to customer identification, transaction activity, monitoring alerts, and internal investigations in accordance with applicable legal and regulatory requirements.
These records are retained in a secure and auditable format and are made available to competent authorities upon lawful request.
User Responsibilities
Users are expected to take reasonable steps to maintain the security of their accounts, including safeguarding credentials and enabling available security features.
Any suspected unauthorized activity should be reported without delay. Failure to follow basic security practices may increase exposure to fraud risk.
Continuous Improvement
Octapex maintains an ongoing commitment to strengthening its financial crime controls.
This includes regular review of risk models, enhancement of monitoring systems, and alignment with evolving regulatory expectations and industry best practices.
Policy Integration
This page provides a high-level overview of Octapex’s financial crime framework and should be read alongside our Anti-Money Laundering and related internal policies.