Anti-Money Laundering (AML) & Know Your Customer (KYC) Policy – bazipasoor.com 🔒

Last updated: 25 October 2025

This page sets out the formal Anti-Money Laundering (AML) and Know Your Customer (KYC)r the online presence of BaziPasoor – bazipasoor.com.
BaziPasoor is primarily an educational and informational website about card games and does not itself
operate as an online casino or provide betting/real-money gambling services.
However, to the extent that we may interact with users, partners, or third-party services that involve
financial flows (for example, advertising partners, potential future paid educational services, or regulated affiliates),
we commit to aligning with robust AML/KYC standards.

This policy is designed to protect users and partners, deter illicit finance, and align any financial-related
operations connected to bazipasoor.com with internationally recognized standards.
It is written to meet strong EEATertise, Authoritativeness, Trustworthiness)
and YMYL (Your Money or Your Life) expectations by providing clear definitions, controls,
and documented procedures. ✅

📌 Scope, Purpose, and Applicability

This policy applies to any current or future products, pages, communications, and payment-related processes
that may be associated with bazipasoor.com, including (where applicable):

Account creation and profile management for educational services,
Any deposits, membership fees, or paid content (if introduced in future),
Refunds, withdrawals, or payouts related to legitimate and lawful services,
User-to-user transfers where supported by regulated third parties,
Promotional credits, vouchers, or coupons (if monetary value is attached),
Dispute handling where financial aspects are involved.

This policy applies to all personnel, contractors, payment partners, affiliates, and service providers
who support such services or processes connected to bazipasoor.com.

🧭 Regulatory Alignment & Best-Practice References

BaziPasoor seeks to align its AML/CFT (Anti-Money Laundering / Countering the Financing of Terrorism)
controls with the following international and regional references, to the extent applicable:

FATF Recommendations: risk-based AML/CFT approach, CDD/EDD, ongoing monitoring, reporting, and record retention.
Directive (EU) 2015/849 and Directive (EU) 2018/843 (AMLD4/AMLD5) concerning AML/CFT obligations
for obliged entities within the EU framework.
Regulation (EU) 2015/847 on information accompanying transfers of funds, where EU-linked payments are involved.
Applicable national AML/CFT laws, sanctions regimes, and supervisory guidance relevant to users’ locations
and our payment partners’ jurisdictions.
Data protection principles consistent with GDPR and equivalent privacy frameworks, including lawfulness, fairness,
transparency, data minimization, purpose limitation, integrity, and confidentiality.

🧾 Key Definitions

Money Laundering (ML):
The process of converting, transferring, concealing, or disguising the origin of property known or suspected
to be derived from criminal activity, or assisting persons involved in such activity to evade legal consequences.
Customer Due Diligence (CDD / KYC):
The process of identifying and verifying customers, understanding the nature and purpose of the relationship,
and applying appropriate monitoring over time.
Enhanced Due Diligence (EDD):
Additional, more stringent checks applied to high-risk customers, jurisdictions, products, or behaviors.
Source of Funds (SoF) / Source of Wealth (SoW):
Evidence explaining where deposited funds come from and how a customer acquired their overall wealth (e.g. salary,
business profits, investments).
Suspicious Transaction / Activity Report (STR / SAR):
A formal report submitted to a Financial Intelligence Unit (FIU) when ML/TF or other financial crime
is suspected, in accordance with applicable law.

🏛️ Governance & Accountability

Senior Management sets the tone from the top, approves AML/KYC policies, allocates resources,
and oversees effectiveness and remediation of issues.
An appointed AML Compliance Officer (AMLCO) (or equivalent role within any partner entity) is responsible for:
designing controls, supervising monitoring, investigating alerts, escalating cases, and liaising with competent authorities.
First Line of Defence (Operations & Support) executes CDD/EDD processes,
enforces payment rules, interacts with users, and flags anomalies.
Internal Audit / Independent Review performs periodic assessments of the AML framework, testing controls and
issuing recommendations for continuous improvement.

🛠️ Policy Maintenance & Change Control

All material changes to this AML/KYC Policy undergo a documented risk impact assessmentegal review where necessary, and must be formally approved by Senior Management and the AMLCO.
Previous versions are archived and retained for auditability and regulatory inspection.

🧩 Risk-Based Approach (RBA) & EWRA

BaziPasoor (and any regulated partners it works with) adopts a risk-based approachAt least once per year, an Enterprise-Wide Risk Assessment (EWRA) is conducted to identify and evaluate:

Inherent risks across products and services,
Delivery channels (web, mobile, third-party integrations),
User types (retail, corporate, affiliates),
Geographic exposure (countries/jurisdictions),
Transactional patterns and volume,
Sanctions and PEP (Politically Exposed Person) exposure,
Emerging typologies (including online gaming, virtual assets, and fraud trends).

EWRA outcomes define:

AML risk ratings,
Thresholds and rules for monitoring,
EDD triggers for higher-risk segments,
Frequency and depth of ongoing due diligence and reviews.

🪪 Tiered Customer Verification (KYC)

Where bazipasoor.com (or its regulated partners) operates user accounts with financial features, a
tiered verification model is applied. Certain actions may be paused until the required tier is completed.

Tier 1 – Basic Profile (required before any withdrawal)

Full name, date of birth, gender, nationality;
Country of usual residence and full address;
Automated database and sanctions checks (where legally permitted);
If checks are unavailable or mismatched, a proof of address (PoA) is required.

Tier 2 – Advanced ID Verification

Triggered when cumulative deposits or withdrawals reach 2,000 (USD/EUR or equivalent in local currency),
or a lower threshold depending on jurisdictional rules.

Valid government-issued ID photographed next to a random 6-digit code handwritten by the user,
A live selfie (or liveness check) for biometric match verification,
If e-verification fails: a recent PoA (utility bill, bank statement, or official letter issued within the last
3 months) showing full name and address. All four corners must be visible and text readable.

Tier 3 – Source of Funds / Source of Wealth (SoF/SoW)

Triggered when cumulative deposits or withdrawals reach 5,000valent)
or when peer-to-peer transfers reach 3,000.

Acceptable SoF/SoW documentation includes (non-exhaustive):

Employment income: recent payslips, HR letter, tax statements;
Business ownership: audited accounts, corporate registry extracts, shareholder registers;
Investments: brokerage statements, dividend records, proof of asset liquidation;
Inheritance or gifts: probate documents, notarized deeds, bank confirmations.

🌍 Geographic Risk Categorization

Low Risk: Countries with strong AML/CFT regimes and low corruption risk. Standard tiers and thresholds apply.
Medium Risk: Lower thresholds (e.g. 1,000 for Tier 2 and 2,500 for Tier 3). Crypto-to-fiat conversions
or cross-border activity may be treated as medium risk by default.
High Risk: Countries or regions under sanctions, high corruption indexes, or with known AML deficiencies.
Services may be restricted or prohibited. Jurisdiction lists are regularly reviewed against
sanctions lists and regulatory advisories.

💳 Payment Method Controls

As a baseline principle, the same method used for deposit should be used for withdrawal
at least up to the original deposited amount, to mitigate ML layering risks.
Third-party cards or bank accounts are prohibited. The name on the payment instrument must
match the verified user name.
Intentional structuring of deposits/withdrawals (e.g. splitting transactions to avoid thresholds) triggers EDD
and may result in restrictions, enhanced checks, or account closure.
Where bazipasoor.com only provides educational content and uses third-party platforms for payments
(e.g. app stores, payment gateways), those platforms’ own AML/KYC rules also apply.

🔎 Ongoing Monitoring & Three Lines of Control

First Line – Payment Partners & Operations

BaziPasoor partners only with reputable Payment Service Providers (PSPs) and platforms that operate
effective AML/KYC controls at onboarding and at transaction time. Operational teams ensure that obvious red flags are escalated.

Second Line – AML Compliance & Monitoring

Rules-based and machine-assisted monitoring is overseen by the AMLCO, focusing on:

Unusual deposit-withdrawal patterns (e.g. rapid in/out with no genuine use of services),
Inconsistent behavior with declared profile or geography,
Frequent currency switching where applicable,
Account takeover (ATO) indicators,
Counterparties or IP addresses linked to high-risk locations.

Third Line – Manual Review & Reporting

High-risk or suspicious users may be subject to:

Manual investigation and case file creation,
Temporary or permanent account restrictions,
Filing of STR/SAR with the competent FIU where legally required.

📈 Control Thresholds at a Glance

Control Layer	Trigger	Required Actions
CDD Tier 1	Account creation / before first withdrawal	Capture profile data, run automated checks; collect proof of address where needed.
CDD Tier 2	Deposit or withdrawal ≥ 2,000 (or local equivalent)	Government ID + handwritten 6-digit code + selfie; PoA if e-checks fail.
EDD Tier 3	Deposit/withdrawal ≥ 5,000 or P2P ≥ 3,000	SoF/SoW documentation; enhanced screening and manual review.
Monitoring	All customers	Rules + ML models; sanctions checks; case management; STR/SAR where applicable.

🧩 Acceptable SoF/SoW Examples

Employment income: recent payslips, contract, HR letter, tax declarations.
Business ownership: audited accounts, corporate registry extracts, tax filings.
Investments: brokerage statements, portfolio reports, proof of sale of assets.
Inheritance or gifts: probate documentation, notarized deeds, bank confirmations.

🚨 Detection, Escalation, and STR/SAR

Staff must promptly escalate atypical or suspicious activity to the AML team via secure channels.
The AML team reviews alerts, documents the rationale for decisions, and files STR/SAR
with the relevant FIU where required by law.
“Tipping-off” is strictly prohibited: users must not be informed of STR/SAR submissions when
disclosure is legally restricted.

🧰 Procedures & Playbooks

Operational playbooks translate this policy into step-by-step procedures, including:

Minimum CDD standards at onboarding,
Sanctions and watchlist screening,
EDD triggers and escalation paths,
Case management and documentation standards,
Account restrictions, freezes, and closure criteria,
Standard communication templates for users.

Where financial functionality exists, first withdrawalsnstrable
transactional activity of at least 70% of deposited funds (no pure circular flows) to deter misuse
of the platform for laundering or pass-through activity.

🧾 Record-Keeping

KYC and CDD/EDD records are retained for at least 10 years after the end of the business relationship,
or longer if required by local regulation.
Transaction records are kept for at least 10 years after execution or termination, whichever is later.
Records are stored securely with encryption at rest and in transit, using layered access controls,
backups, and integrity checks.

🧑‍🏫 Training & Awareness

Mandatory AML induction training for all new hires whose roles touch financial processes.
Periodic refresher training for finance, risk, operations, customer support, and product staff.
Case-based learning on typologies such as smurfing, mule accounts, synthetic identities,
online gaming abuse, and crypto on/off-ramp risks (where applicable).
Training effectiveness is monitored via KPIs, knowledge checks, quality assurance reviews, and audit feedback.

🧪 Internal Audit & Continuous Improvement

Internal Audit or an independent reviewer conducts regular assessments of:

AML control design and operating effectiveness,
Data quality and completeness of customer and transaction records,
Timeliness and appropriateness of case handling,
Root causes of confirmed issues and remediation plans.

Metrics such as false-positive ratios, case turnaround time, and post-investigation actions
inform continuous improvement of rules and processes.

🧱 Data Protection & Privacy 🔐

BaziPasoor collects the minimum data necessary for lawful AML/KYC obligations and service provision.
Personal data are not sold to third parties. Information may be shared only when required by law,
when cooperating with competent authorities, or when needed to prevent/detect financial crime.
We respect applicable privacy rights (e.g. under GDPR), including rights to:
access, rectification, restriction, objection, and data portability where legally applicable.
Appropriate technical and organisational measures protect data from unauthorized access, alteration, or loss.

🚫 Zero-Tolerance for Violations

Accounts linked to forged documents, stolen payment instruments, account-takeover, or unjustified flows
may be restricted or terminated.
Confirmed ML/TF, fraud, or other serious financial crime is reported to competent authorities
without prior notice, as permitted or required by law.
Attempts to circumvent AML/KYC controls may result in permanent blocking of services and blacklisting with partners.

📫 Contact

If you have questions about this AML/KYC Policy, wish to exercise privacy rights,
or need to report suspicious activity related to services connected with bazipasoor.com, please contact us via:

Website: https://bazipasoor.com
General & Support Email: [email protected]
Legal & Compliance: [email protected]
Phone (office hours): +98 21 4721 8040

⚠️ Compliance Notice

Use of bazipasoor.com and any current or future financial-related services associated with it
constitutes acceptance of this AML/KYC Policy.
Failure to provide requested documentation or to pass verification checks may result in
delayed withdrawals, rejected transactions, restricted functionality, or account closure,
in line with applicable laws and risk appetite.

We reserve the right to update this document periodically to reflect evolving regulations,
supervisory expectations, technological developments, and best practices.