1. Introduction

At Pocket Pesa, we are committed to maintaining the highest standards of legal and regulatory compliance. This Compliance Policy outlines our approach to meeting regulatory requirements and industry standards in the financial technology sector. Our compliance framework is designed to protect our users, prevent financial crimes, and ensure the integrity of our services.

2. Regulatory Framework

Pocket Pesa operates in accordance with all applicable laws and regulations, including but not limited to:

• The Financial Institutions Act of Uganda
• The Anti-Money Laundering Act
• The Electronic Transactions Act
• The Data Protection and Privacy Act
• Central Bank of Uganda regulations for mobile money and electronic payments
• International standards for financial transactions and data security

We maintain all necessary licenses and registrations required to operate as a financial technology provider in the jurisdictions where we offer our services.

3. Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF)

Pocket Pesa implements robust AML and CTF measures to prevent the use of our platform for illegal activities. Our AML/CTF program includes:

• Customer Due Diligence (CDD): We verify the identity of all users through a comprehensive KYC (Know Your Customer) process.
• Transaction Monitoring: We employ advanced systems to monitor transactions for suspicious activities and patterns.
• Risk Assessment: We conduct regular risk assessments of our products, services, and user base to identify and mitigate potential vulnerabilities.
• Reporting: We promptly report suspicious transactions to the relevant authorities as required by law.
• Record Keeping: We maintain comprehensive records of all transactions and user information in accordance with regulatory requirements.

4. Know Your Customer (KYC)

Our KYC procedures are designed to verify the identity of our users and assess potential risks. The KYC process includes:

• Identity Verification: Collection and verification of government-issued identification documents.
• Address Verification: Confirmation of residential or business address through appropriate documentation.
• Enhanced Due Diligence (EDD): Additional verification measures for high-risk users or transactions.
• Ongoing Monitoring: Regular updates and reviews of user information to ensure accuracy and detect changes in risk profiles.

We may request additional information or documentation from users at any time to maintain compliance with our KYC requirements.

5. Transaction Limits and Monitoring

To mitigate risks and ensure compliance, we implement transaction limits and comprehensive monitoring systems:

• Transaction Limits: Restrictions on transaction amounts based on account type, verification level, and risk assessment.
• Real-time Monitoring: Automated systems that analyze transactions as they occur to detect suspicious activities.
• Pattern Recognition: Advanced algorithms that identify unusual patterns or behaviors that may indicate fraudulent or illegal activities.
• Sanctions Screening: Checking transactions and users against international sanctions lists and watchlists.

We reserve the right to delay, block, or refuse transactions that we reasonably believe may violate applicable laws or regulations.

6. Data Protection and Privacy

We are committed to protecting the privacy and security of user data in compliance with applicable data protection laws. Our data protection measures include:

• Secure Data Storage: Implementation of industry-standard encryption and security measures to protect user data.
• Access Controls: Strict limitations on who can access user data and under what circumstances.
• Data Minimization: Collection and retention of only the data necessary for our services and compliance requirements.
• User Rights: Respect for user rights regarding their personal data, including access, correction, and deletion rights where applicable.

For more information, please refer to our Privacy Policy.

7. Fraud Prevention

Pocket Pesa employs multiple layers of fraud prevention measures to protect our users and maintain the integrity of our platform:

• Multi-factor Authentication: Additional security layers to verify user identity during login and transactions.
• Fraud Detection Systems: Advanced technologies to identify potentially fraudulent activities.
• User Education: Resources and information to help users recognize and avoid common fraud schemes.
• Secure Communication: Encrypted channels for all communications containing sensitive information.

We continuously update our fraud prevention measures to address emerging threats and vulnerabilities.

8. Compliance Training and Governance

Our commitment to compliance extends throughout our organization:

• Staff Training: Regular training for all employees on compliance requirements, fraud detection, and security protocols.
• Compliance Officer: Appointment of a dedicated Compliance Officer responsible for overseeing our compliance program.
• Internal Audits: Regular reviews of our compliance procedures and systems to identify areas for improvement.
• Board Oversight: Active involvement of our Board of Directors in compliance governance and risk management.

9. Reporting Violations

If you suspect any violations of laws, regulations, or our policies, please report them immediately:

• Email: compliance@pocketpesa.com
• Phone: +256 700 123 457
• In-App Reporting: Use the "Report" feature in our mobile application

We take all reports seriously and will investigate thoroughly while maintaining confidentiality to the extent possible.

10. Updates to This Policy

We regularly review and update our Compliance Policy to reflect changes in regulatory requirements, industry standards, and best practices. We will notify users of significant changes through our website, mobile application, or direct communication.

11. Contact Information

For questions or concerns regarding our compliance policies and procedures, please contact our Compliance Department:

Pocket Pesa Ltd.
Kampala, Uganda
Email: info@pocketpesa.app