Q1. If your business also has a trading name, please put this alongside the registered name.
We strongly advise you to put your business’s website address down. If you don’t have a website but you have a Facebook page for your business or something similar, feel free to put that web address down.
If you don’t have a website or social media page for your business, please put N/A for website address.
Q4. In your answer, do mention that you are a reporting entity under AML/CFT Act and are required to carry out Customer Due Diligence to meet the Act.
Q5. If you don’t have a Privacy Policy or the other policies mentioned, we recommended that you do create them.
Q6. Like Q5. we recommend you have the documented plans.
Q7. This question is required. Briefly outline details of your security and risk management practices.
You may like to consider the following:
- Do you have password policies in place and renew passwords regularly?
- Do you use 2 factor authentication?
- Do you protect your business’ data and your customer’s?
- Do you limit staff access to sensitive information on a ‘need to know’ basis?
- Do you only collect data that is required to carry out business activities?
- Do you regularly make secure, offsite backups or back up to the cloud?
Are staffed trained and aware of their responsibilities regarding risk management and security procedures?