[11/06, 15:02] Business assistant: Here’s an expanded version of Page 1:

*Page 1: Introduction*

*1.1. Purpose*

Alfil Capital Pvt Ltd is committed to preventing and detecting money

laundering and terrorist financing activities. This policy outlines our approach
to Anti-Money Laundering (AML) and ensures compliance with relevant laws
and regulations. Our goal is to maintain the highest standards of integrity
and transparency in our business practices, while protecting our customers,
employees, and stakeholders from the risks associated with money
laundering and terrorist financing.

*1.2. Scope*

This policy applies to all employees, officers, and directors of Alfil Capital Pvt
Ltd, including:

- All staff members involved in customer-facing activities

- Employees responsible for processing transactions

- Management and senior staff

- Third-party service providers and agents

*1.3. Policy Statement*

Alfil Capital Pvt Ltd is dedicated to maintaining the highest standards of

integrity and transparency in our business practices. We recognize the
importance of AML and Counter-Terrorist Financing (CFT) in preventing and
detecting financial crimes. This policy outlines our commitment to:

- Complying with relevant laws and regulations

- Identifying and assessing AML/CFT risks

- Implementing effective controls to mitigate AML/CFT risks

- Providing regular training and awareness programs for employees

- Maintaining accurate and complete records

- Cooperating with regulatory authorities and law enforcement agencies

By implementing this policy, we aim to ensure that Alfil Capital Pvt Ltd is a
safe and secure place for our customers to conduct their financial
transactions.

Would you like me to expand further or make any changes?

[11/06, 15:03] Business assistant: Here’s an expanded version of Pages 2-3:

*Page 2: Definitions*

*2.1. Money Laundering*

Money laundering is the process of disguising the origin of illicitly obtained

funds to make them appear legitimate. It involves concealing or disguising
the true source of funds, typically obtained through illegal activities such as
narcotics trafficking, corruption, or terrorism, to avoid detection by law
enforcement agencies.

*2.2. Terrorist Financing*

Terrorist financing involves providing financial support to terrorist

organizations or activities. It can involve the collection, transfer, or use of
funds for terrorist purposes, and can be carried out through various means,
including cash, wire transfers, or other financial instruments.

*2.3. Customer Due Diligence*

Customer due diligence involves verifying the identity of customers and

assessing their risk profile. It includes collecting and verifying customer
information, such as identification documents, address, and occupation, to
ensure that customers are who they claim to be.

*2.4. Suspicious Transaction Report (STR)*

A Suspicious Transaction Report (STR) is a report filed with the Financial

Intelligence Unit (FIU) when suspicious activity is detected. STRs are used to
report transactions that are suspected to be related to money laundering,
terrorist financing, or other financial crimes.

*Page 3: Definitions (continued)*

*2.5. Financial Intelligence Unit (FIU)*

The Financial Intelligence Unit (FIU) is a government agency responsible for

receiving, analyzing, and disseminating financial intelligence related to
suspected money laundering, terrorist financing, and other financial crimes.

*2.6. Know Your Customer (KYC)*

Know Your Customer (KYC) refers to the process of verifying the identity of
customers and assessing their risk profile. KYC is an essential component of
AML/CFT efforts, as it helps to prevent financial crimes by ensuring that
customers are who they claim to be.

*2.7. Beneficial Owner*

A beneficial owner is an individual who ultimately owns or controls a

customer, such as a company or trust. Identifying beneficial owners is critical
in AML/CFT efforts, as it helps to prevent the use of shell companies or other
opaque structures to launder money or finance terrorism.

*2.8. Politically Exposed Person (PEP)*

A Politically Exposed Person (PEP) is an individual who holds a prominent

public position or function, such as a head of state, government minister, or
senior military officer. PEPs are considered high-risk customers due to their
potential influence and susceptibility to corruption.

Would you like me to expand further or make any changes?

[11/06, 15:05] Business assistant: Here’s an expanded version:

*Page 4: Risk Assessment*

*4.1. Risk-Based Approach*

Alfil Capital Pvt Ltd adopts a risk-based approach to AML, identifying and
assessing potential risks associated with customers, products, and services.
This approach allows us to allocate resources effectively and implement
controls that are proportionate to the risks we face.

*4.2. Customer Risk Assessment*

We assess customer risk based on factors such as:

- Customer type (e.g., individual, company, trust)

- Customer location (e.g., high-risk countries)

- Customer activity (e.g., high-value transactions)

- Customer occupation or business activity

*Examples of High-Risk Customers:*

- A customer who is a PEP or has a close relationship with a PEP

- A customer who is a resident of a high-risk country or has ties to such

countries

- A customer who engages in high-value transactions or unusual patterns of

activity
- A customer who is unwilling to provide identification or cooperate with due
diligence efforts

- A customer with a history of suspicious activity or adverse media coverage

- A customer with a complex or opaque ownership structure

*4.3. Product/Service Risk Assessment*

We evaluate the risk associated with our products and services, including:

- Microfinance loans

- Savings accounts

- Money transfer services

- Mobile banking services

- Investment products

*Examples of High-Risk Products/Services:*

- Products or services that allow for anonymous transactions or large cash

transactions

- Products or services that are designed to facilitate cross-border transactions

- Products or services that are vulnerable to abuse by terrorist organizations

or other illicit actors

- Products or services with complex or opaque structures

- Products or services that are new or innovative and may pose unique risks

*4.4. Geographic Risk Assessment*

We consider the risk associated with different geographic locations, including

countries with:
- High levels of corruption

- Weak AML/CFT regulations

- High incidence of financial crimes

*Examples of High-Risk Countries:*

- Countries with known terrorist organizations or activities

- Countries with significant levels of corruption or organized crime

- Countries with weak or ineffective AML/CFT regulations

- Countries under international sanctions or embargoes

- Countries with a history of financial instability or crisis

*Page 5: Risk Assessment (continued)*

*4.5. Risk Mitigation Measures*

Based on our risk assessment, we implement risk mitigation measures to

reduce the risk of money laundering and terrorist financing. These measures
may include:

- Enhanced due diligence for high-risk customers

- Increased monitoring of high-risk transactions

- Implementation of additional controls for high-risk products or services

- Regular review and update of risk assessments

- Training for employees on AML/CFT risks and controls

*4.6. Ongoing Monitoring*

We continuously monitor customer activity and transactions to detect
suspicious activity and update our risk assessments accordingly. This
includes:

- Transaction monitoring

- Customer activity monitoring

- Review of customer information and updates

*4.7. Risk Assessment Review*

We review our risk assessments regularly to ensure they remain relevant and
effective in identifying and mitigating AML/CFT risks. This includes:

- Reviewing customer risk profiles

- Updating risk assessments based on new information

- Revising controls and mitigation measures as needed

By identifying and assessing potential risks, we can implement effective

controls to mitigate those risks and prevent financial crimes.

Would you like me to expand further or make any changes?

[11/06, 15:06] Business assistant: Here’s a further expanded version:

*Page 6: Customer Due Diligence*

*6.1. Customer Identification*

We verify customer identities using government-issued identification

documents, such as:
- National ID cards

- Passports

- Driver’s licenses

- Business registration documents (for entities)

*6.2. Customer Verification*

We verify customer information through various means, including:

- Database checks (e.g., credit bureaus, public records)

- Site visits (for businesses or high-risk customers)

- Third-party verification services (e.g., identity verification providers)

- Document verification (e.g., checking for authenticity and validity)

*6.3. Beneficial Ownership*

We identify beneficial owners of entities and assess their risk profile. This
includes:

- Identifying individuals with significant control or ownership (e.g., >25%

ownership)

- Verifying the identity of beneficial owners

- Assessing the risk associated with beneficial owners (e.g., PEPs, high-risk
countries)

*6.4. Ongoing Monitoring*

We continuously monitor customer activity to detect suspicious transactions

and update our risk assessments accordingly. This includes:

- Transaction monitoring (e.g., large or unusual transactions)

- Customer activity monitoring (e.g., changes in customer behavior)

- Review of customer information and updates (e.g., changes in customer

profile)

*Page 7: Customer Due Diligence (continued)*

*6.5. Enhanced Due Diligence*

We conduct enhanced due diligence for high-risk customers, including:

- Additional verification of customer information (e.g., multiple sources)

- Enhanced monitoring of customer activity (e.g., more frequent reviews)

- Increased scrutiny of transactions (e.g., manual review of high-risk

transactions)

*6.6. Customer Risk Classification*

We classify customers into risk categories based on their risk profile,

including:

- Low-risk customers (e.g., individuals with simple financial transactions)

- Medium-risk customers (e.g., businesses with standard financial

transactions)

- High-risk customers (e.g., PEPs, high-risk businesses, or customers with

complex financial transactions)

*6.7. Customer Due Diligence Documentation*

We maintain accurate and complete records of customer due diligence,

including:

- Customer identification documents

- Verification records

- Risk assessments

- Ongoing monitoring records

*6.8. Customer Due Diligence Review*

We review customer due diligence records regularly to ensure they remain

accurate and up-to-date. This includes:

- Reviewing customer information and risk assessments

- Updating customer profiles and risk classifications

- Ensuring compliance with regulatory requirements

By conducting thorough customer due diligence, we can ensure that we are

doing business with legitimate customers and reducing the risk of money
laundering and terrorist financing.

Would you like me to expand further or make any changes?

[11/06, 15:07] Business assistant: Here’s a further expanded version:

*Page 8: Reporting Requirements*

*8.1. Suspicious Transaction Reports (STRs)*

We file STRs with the Financial Intelligence Unit (FIU) when suspicious activity
is detected. This includes:

- Transactions that are unusual or unexplained

- Transactions that involve high-risk countries or entities

- Transactions that are inconsistent with a customer’s profile or activity

- Transactions that involve potential money laundering or terrorist financing

*8.2. Reporting to the Financial Intelligence Unit (FIU)*

We report suspicious activity to the FIU in accordance with Zimbabwean laws

and regulations. This includes:

- Filing STRs in a timely and accurate manner (within 24-48 hours)

- Providing complete and detailed information about the suspicious activity

- Cooperating with the FIU in their investigation and analysis of STRs

- Responding to requests for additional information or clarification

*8.3. Record Keeping*

We maintain accurate and complete records of all transactions, including:

- Transaction details (e.g., date, amount, parties involved)

- Customer information (e.g., identification, address)

- Transaction monitoring records

- STRs and related documentation

*Page 9: Reporting Requirements (continued)*

*8.4. Reporting Thresholds*

We have established reporting thresholds for suspicious transactions,

including:

- Transactions exceeding a certain amount (e.g., $10,000)

- Transactions involving high-risk countries or entities

- Transactions that are unusual or unexplained

- Transactions that involve potential money laundering or terrorist financing

*8.5. Reporting Procedures*

We have established procedures for reporting suspicious transactions,

including:

- Identifying and reporting suspicious activity to the AML officer

- Filing STRs with the FIU in a timely and accurate manner

- Maintaining records of STRs and related documentation

- Reviewing and updating reporting procedures regularly

*8.6. Confidentiality*

We maintain confidentiality when reporting suspicious transactions,

including:

- Protecting the identity of customers and employees involved in the report

- Ensuring that reports are made in a secure and confidential manner

- Limiting access to STRs and related documentation to authorized personnel

*8.7. Tipping Off*

We ensure that employees do not tip off customers or other parties about
suspicious transactions or STRs, including:

- Not disclosing information about STRs or investigations to customers or

other parties

- Ensuring that employees understand the importance of confidentiality and

tipping off
By reporting suspicious transactions and maintaining accurate records, we
can help prevent and detect money laundering and terrorist financing.

Would you like me to expand further or make any changes?

[11/06, 15:08] Business assistant: Here’s an expanded version of Pages 9-10:

*Page 9: Reporting Requirements (continued)*

*8.4. Reporting Thresholds*

We have established reporting thresholds for suspicious transactions,

including:

- Transactions exceeding a certain amount (e.g., $10,000)

- Transactions involving high-risk countries or entities

- Transactions that are unusual or unexplained

- Transactions that involve potential money laundering or terrorist financing

*8.5. Reporting Procedures*

We have established procedures for reporting suspicious transactions,

including:

- Identifying and reporting suspicious activity to the AML officer

- Filing STRs with the FIU in a timely and accurate manner

- Maintaining records of STRs and related documentation

- Reviewing and updating reporting procedures regularly

*8.6. Confidentiality*
We maintain confidentiality when reporting suspicious transactions,
including:

- Protecting the identity of customers and employees involved in the report

- Ensuring that reports are made in a secure and confidential manner

- Limiting access to STRs and related documentation to authorized personnel

*8.7. Tipping Off*

We ensure that employees do not tip off customers or other parties about
suspicious transactions or STRs, including:

- Not disclosing information about STRs or investigations to customers or

other parties

- Ensuring that employees understand the importance of confidentiality and

tipping off

*Page 10: Record Keeping*

*9.1. Record Keeping Requirements*

We maintain accurate and complete records of all transactions, including:

- Transaction details (e.g., date, amount, parties involved)

- Customer information (e.g., identification, address)

- Transaction monitoring records

- STRs and related documentation

*9.2. Record Retention Period*

We retain records for a minimum of 5 years, or as required by law. This
includes:

- Transaction records

- Customer information

- STRs and related documentation

- AML/CFT policies and procedures

*9.3. Record Storage and Security*

We store records securely and ensure that they are protected from
unauthorized access, including:

- Electronic records are stored on secure servers

- Physical records are stored in a secure location

- Access to records is limited to authorized personnel

By maintaining accurate and complete records, we can ensure compliance

with regulatory requirements and support our AML/CFT efforts.

Would you like me to expand further or make any changes?

[11/06, 15:09] Business assistant: Here’s an expanded version of Pages 10-

11:

*Page 10: Record Keeping*

*9.1. Record Keeping Requirements*

We maintain accurate and complete records of all transactions, including:

- Transaction details (e.g., date, amount, parties involved)

- Customer information (e.g., identification, address)

- Transaction monitoring records

- STRs and related documentation

*9.2. Record Retention Period*

We retain records for a minimum of 5 years, or as required by law. This

includes:

- Transaction records

- Customer information

- STRs and related documentation

- AML/CFT policies and procedures

*9.3. Record Storage and Security*

We store records securely and ensure that they are protected from
unauthorized access, including:

- Electronic records are stored on secure servers

- Physical records are stored in a secure location

- Access to records is limited to authorized personnel

*Page 11: Internal Controls*

*10.1. AML Committee*

We have established an AML committee to oversee our AML/CFT efforts,

including:
- Developing and implementing AML/CFT policies and procedures

- Monitoring and reviewing AML/CFT efforts

- Ensuring compliance with regulatory requirements

*10.2. Designated AML Officer*

We have designated an AML officer to be responsible for our AML/CFT efforts,

including:

- Overseeing AML/CFT policies and procedures

- Monitoring and reporting suspicious transactions

- Ensuring compliance with regulatory requirements

*10.3. Employee Training*

We provide regular training to employees on AML/CFT policies and

procedures, including:

- AML/CFT risks and threats

- Customer due diligence and transaction monitoring

- Reporting suspicious transactions

- Compliance with regulatory requirements

By implementing internal controls, we can ensure that our AML/CFT efforts

are effective and compliant with regulatory requirements.

Would you like me to expand further or make any changes?

[11/06, 15:09] Business assistant: Here’s an expanded version of Pages 12-

13:
*Page 12: Internal Controls (continued)*

*10.4. Independent Testing*

We conduct regular independent testing to ensure that our AML/CFT policies

and procedures are effective and compliant with regulatory requirements.
This includes:

- Conducting audits and reviews of AML/CFT policies and procedures

- Testing transaction monitoring and reporting systems

- Evaluating employee training and awareness programs

*10.5. Corrective Action*

We take corrective action when deficiencies or weaknesses are identified in

our AML/CFT policies and procedures, including:

- Updating policies and procedures

- Providing additional training to employees

- Implementing new controls or procedures

*10.6. Compliance with Regulatory Requirements*

We ensure compliance with all relevant regulatory requirements, including:

- Zimbabwean laws and regulations

- International standards and best practices

- Requirements of regulatory bodies and law enforcement agencies

*Page 13: Compliance*

*11.1. Regulatory Requirements*

We comply with all relevant regulatory requirements, including:

- The Financial Intelligence Unit Act

- The Money Laundering and Proceeds of Serious Crime Act

- Other relevant laws and regulations

*11.2. Zimbabwean Laws and Regulations*

We comply with Zimbabwean laws and regulations related to AML/CFT,

including:

- Requirements for customer due diligence and transaction monitoring

- Reporting suspicious transactions to the FIU

- Maintaining accurate and complete records

*11.3. International Standards*

We follow international staHere’s an expanded version of Pages 12-13:

*Page 12: Internal Controls (continued)*

*10.4. Independent Testing*

We conduct regular independent testing to ensure that our AML/CFT policies

and procedures are effective and compliant with regulatory requirements.
This includes:

- Conducting audits and reviews of AML/CFT policies and procedures

- Testing transaction monitoring and reporting systems

- Evaluating employee training and awareness programs

*10.5. Corrective Action*

We take corrective action when deficiencies or weaknesses are identified in

our AML/CFT policies and procedures, including:

- Updating policies and procedures

- Providing additional training to employees

- Implementing new controls or procedures

*10.6. Compliance with Regulatory Requirements*

We ensure compliance with all relevant regulatory requirements, including:

- Zimbabwean laws and regulations

- International standards and best practices

- Requirements of regulatory bodies and law enforcement agencies

*Page 13: Compliance*

*11.1. Regulatory Requirements*

We comply with all relevant regulatory requirements, including:

- The Financial Intelligence Unit Act

- The Money Laundering and Proceeds of Serious Crime Act

- Other relevant laws and regulations

*11.2. Zimbabwean Laws and Regulations*

We comply with Zimbabwean laws and regulations related to AML/CFT,
including:

- Requirements for customer due diligence and transaction monitoring

- Reporting suspicious transactions to the FIU

- Maintaining accurate and complete records

*11.3. International Standards*

We follow international standards and best practices for AML/CFT, including:

- FATF recommendations

- International standards for customer due diligence and transaction

monitoring

- Best practices for AML/CFT compliance

By complying with regulatory requirements and international standards, we

can ensure that our AML/CFT efforts are effective and compliant with relevant
laws and regulations.

Would you like me to expand further or make any changes?

[11/06, 15:09] Business assistant: Here’s an expanded version of Pages

14-15:

*Page 14: Customer Risk Management*

*12.1. High-Risk Customers*

We identify and monitor high-risk customers, including:

- Politically exposed persons (PEPs)

- Customers from high-risk countries
- Customers with a history of suspicious activity

*12.2. Customer Risk Mitigation Measures*

We implement risk mitigation measures for high-risk customers,
including:

- Enhanced due diligence

- Increased monitoring of transactions
- Regular review of customer activity

*12.3. Ongoing Monitoring*

We continuously monitor customer activity to detect suspicious
transactions and update our risk assessments accordingly.

*Page 15: Customer Risk Management (continued)*

*12.4. Customer Risk Classification*

We classify customers into risk categories based on their risk profile,
including:

- Low-risk customers
- Medium-risk customers
- High-risk customers

*12.5. Risk-Based Approach*

We apply a risk-based approach to customer risk management,
including:

- Identifying and assessing risk factors

- Implementing controls and mitigation measures
- Continuously monitoring and reviewing customer activity

*12.6. Customer Risk Management Documentation*

We maintain accurate and complete records of customer risk
management, including:

- Customer risk assessments

- Risk mitigation measures
- Ongoing monitoring records
By implementing effective customer risk management, we can reduce
the risk of money laundering and terrorist financing.

Would you like me to expand further or make any changes?

[11/06, 15:10] Business assistant: Here’s an expanded version of Pages
16-17:

*Page 16: Suspicious Activity Monitoring*

*13.1. Transaction Monitoring*

We monitor customer transactions to detect suspicious activity,
including:

- Large or unusual transactions

- Transactions that are inconsistent with a customer’s profile or activity
- Transactions that involve high-risk countries or entities

*13.2. Customer Activity Monitoring*

We monitor customer activity to detect suspicious behavior, including:

- Changes in customer behavior or activity

- Unusual or unexplained transactions
- Transactions that involve potential money laundering or terrorist
financing

*13.3. Investigation and Escalation*

We investigate and escalate suspicious activity to the AML officer,
including:

- Gathering additional information and documentation

- Conducting further analysis and review
- Determining whether to file a suspicious transaction report (STR)

*Page 17: Suspicious Activity Monitoring (continued)*

*13.4. Red Flags*

We have identified red flags for suspicious activity, including:

- Unusual or unexplained transactions

- Large cash transactions
- Transactions involving high-risk countries or entities

*13.5. Monitoring Tools and Techniques*

We use various tools and techniques to monitor customer activity and
detect suspicious transactions, including:

- Transaction monitoring software

- Customer activity monitoring software
- Manual review and analysis

*13.6. Ongoing Review and Update*

We regularly review and update our suspicious activity monitoring
procedures to ensure they remain effective and compliant with
regulatory requirements.

By monitoring suspicious activity and reporting it to the relevant

authorities, we can help prevent and detect money laundering and
terrorist financing.

Would you like me to expand further or make any changes?

[11/06, 15:10] Business assistant: Here’s an expanded version of Pages
18-19:

*Page 18: Record Keeping and Retention*

*14.1. Record Keeping Requirements*

We maintain accurate and complete records of all transactions,
including:

- Transaction details (e.g., date, amount, parties involved)

- Customer information (e.g., identification, address)
- Transaction monitoring records
- STRs and related documentation

*14.2. Record Retention Period*

We retain records for a minimum of 5 years, or as required by law. This
includes:

- Transaction records
- Customer information
- STRs and related documentation
- AML/CFT policies and procedures

*14.3. Record Storage and Security*

We store records securely and ensure that they are protected from
unauthorized access, including:

- Electronic records are stored on secure servers

- Physical records are stored in a secure location
- Access to records is limited to authorized personnel

*Page 19: Record Keeping and Retention (continued)*

*14.4. Record Keeping Procedures*

We have established procedures for record keeping, including:

- Maintaining accurate and complete records

- Retaining records for the required period
- Storing records securely

*14.5. Record Review and Update*

We regularly review and update our record keeping procedures to
ensure they remain effective and compliant with regulatory
requirements.

By maintaining accurate and complete records, we can ensure

compliance with regulatory requirements and support our AML/CFT
efforts.

Would you like me to expand further or make any changes?

[11/06, 15:10] Business assistant: Here’s an expanded version of Page
20:

*Page 20: Conclusion and Review*

*15.1. Policy Review*

We review this policy annually, or as needed, to ensure compliance
with changing regulatory requirements.

*15.2. Updates and Amendments*

We update and amend this policy as necessary to reflect changes in
AML/CFT laws, regulations, and best practices.

*15.3. Compliance*
We are committed to complying with all relevant AML/CFT laws,
regulations, and standards.

*15.4. Employee Awareness*

We ensure that all employees are aware of and understand this policy
and their roles and responsibilities in implementing it.

*15.5. Ongoing Improvement*

We continuously review and improve our AML/CFT policies and
procedures to ensure they remain effective and compliant with
regulatory requirements.

By implementing this policy, we can ensure that our AML/CFT efforts

are effective and compliant with regulatory requirements, and that we
are doing our part to prevent and detect money laundering and
terrorist financing.

This expanded version provides a comprehensive conclusion to the

policy document, emphasizing the importance of ongoing review,
update, and compliance.

Would you like me to expand further or make any changes?