Logo
Back to HomeAML/CFT/CPF Policy

AML/CFT/CPF Policy

Document Version: 2026.1.0 · Effective Date: January 2026 · Regulatory Framework: SEC ARIP / ISA 2025 · Strategic Partner: Busha Digital Limited (SEC-Licensed VASP)

1. Policy Statement

Dr. Bills Exchange is committed to the highest standards of financial integrity and regulatory excellence. We ensure that our crypto-exchange, virtual card services, and payment platforms are not utilized as conduits for money laundering (ML), terrorism financing (TF), or proliferation financing (PF) of weapons of mass destruction.

Under our guiding principle of "Compliant Innovation," we bridge fiat and digital assets by:

  • Implementing sound AML and CFT/CPF policies ensuring our platforms are not used as conduits for money laundering or illicit business financing.
  • Implementing policies and guidelines from relevant regulatory bodies to ensure compliance with all domestic and international AML/CFT laws.
  • Full compliance with both the letter and spirit of all regulatory requirements, maintaining a high standard of market conduct.
  • Conducting all digital asset and virtual card business in accordance with all regulatory policies governing our operating environment.
  • Giving full cooperation to law enforcement authorities within the limits of rules governing confidentiality and data protection.
  • Maintaining a robust technical compliance framework by enforcing mandatory KYC/KYB identity verification, advanced blockchain monitoring (KYT), and dynamic velocity limits on virtual card transactions.

2. Regulatory Compliance & Partnership Statement

Dr. Bills Exchange is committed to the following standards of governance and regulatory alignment:

  • Strategic Regulatory Alignment: The platform operates in strategic partnership with Busha, a pioneer SEC-licensed VASP, ensuring alignment with the SEC Nigeria ARIP and the Investments and Securities Act.
  • Collaborative Vigilance: We regularly train staff and academy students to identify suspicious activities and high-risk blockchain interactions.
  • Authorized Educational Standard: Dr. Bills Academy maintains an AML/CFT training program that mirrors the latest SEC and NFIU directives, including the Travel Rule and blockchain forensics requirements.
  • Regulatory Referral Protocols: Clear internal referral processes ensure all compliance matters are handled with the transparency required for SEC-regulated ecosystems.
  • Agile Compliance Adaptation: Dr. Bills Exchange continuously implements internal controls to adapt to the evolving SEC digital asset framework.
  • Executive Accountability & Liaison: An Executive Director serves as Executive Compliance Officer and a senior management lead as Chief Compliance Officer (CCO), overseeing all AML/CFT/CPF programs.

3. Role of the Chief Compliance Officer (CCO)

The CCO is the designated officer responsible for ensuring the platform's operations align with SEC regulatory requirements, managing the compliance interface with Busha Digital Limited.

Reporting & Liaison to Busha

  • Data Integrity & API Reporting: Oversees accuracy of all transaction data and KYC files shared with Busha's infrastructure for SEC reporting.
  • Audit Synchronization: Coordinates with Busha's compliance team during periodic joint audits or SEC inspections.
  • Regulatory Escalation: Directly notifies Busha's Compliance Director of any Red Flag transactions for timely SAR/STR filing with NFIU and SEC.

Role to the Board of Directors

  • Partnership Health Monitoring: Reports to the Board on the status of the Busha partnership and compliance scores.
  • Regulatory Roadmap: Advises the Board on upcoming SEC rules and prepares the organization for future independent licensing.

Role to Management

  • Product Vetting: Reviews every virtual card feature or crypto-listing to ensure compliance with Busha's SEC license terms.
  • Internal Control Execution: Manages implementation of KYC and KYT tools, ensuring security is never compromised for speed.

4. Staff Obligations & AML Compliance Mandate

All employees of Dr. Bills Exchange are the primary defence against financial crime. This policy ensures integrity of our partnership with Busha and standing with the SEC is maintained at every level.

I. Regulatory Familiarization

  • All employees must thoroughly familiarize themselves with the AML/CFT Handbook, internal SOPs, and technical manuals relevant to their specific roles.
  • Staff are mandated to implement all risk-mitigation measures including KYC, Blockchain Analysis (KYT), and Virtual Card Monitoring with the highest diligence.
  • "Willful Blindness" — ignoring suspicious signs — is considered a violation of this policy and may result in disciplinary action or legal liability.

II. Mandatory Reporting

  • Employees must report any internal legal violations or ethical misconduct through the official Whistleblowing Channel.
  • Dr. Bills Exchange maintains a Non-Retaliation Policy — no employee shall be penalized for reporting genuine compliance concerns.

III. Detection & Escalation of Suspicious Activities

  • All staff must report any suspected ML, TF, or PF activities directly to the CCO.
  • Red Flag Protocol: Watch for sudden spikes in transaction volume/velocity, attempts to link virtual cards to sanctioned wallets, and inconsistent or forged KYC documentation.
  • Anti-Tipping Off Provision: Employees are strictly prohibited from disclosing to a customer that a SAR is being prepared — a criminal offense under Nigerian AML laws.

Continuous Professional Development

  • Complete the Quarterly Compliance Refresher Course at Dr. Bills Academy.
  • Pass an annual assessment on SEC Nigeria regulatory updates and VASP guidelines.
  • Attend specialized training on blockchain forensics and virtual card fraud detection.

5. Regulatory & Legal Framework (VASP Summary)

Dr. Bills Exchange operates in strategic partnership with Busha, an SEC-Licensed VASP. Our compliance architecture is governed by the following apex authorities:

Primary Institutional Framework

  • Securities and Exchange Commission (SEC): Primary regulator for digital assets. We adhere to the ISA 2025 and SEC VASP rules.
  • Nigerian Financial Intelligence Unit (NFIU): Central agency for all AML/CFT intelligence and suspicious transaction reporting.
  • Central Bank of Nigeria (CBN): Regulates fiat-gateway banking relationships and VASP settlement account protocols.
  • Economic and Financial Crimes Commission (EFCC): Lead enforcement body for financial crime and digital asset forensic investigations.
  • SCUML: Provides secondary AML oversight for payment services.

Core Legislative Framework

  • Investments and Securities Act (ISA) 2025: Reaffirms SEC authority over digital assets and mandates strict licensing for all exchange and card platforms.
  • Money Laundering (Prevention and Prohibition) Act, 2022: Sets legal requirements for identity verification (KYC) and transaction reporting.
  • Terrorism (Prevention and Prohibition) Act, 2022: Mandates immediate freezing of assets for individuals on domestic and international sanctions lists.
  • SEC Digital Asset Rules (2024–2026): Specific technical guidelines for custody, exchange operations, and virtual card issuance within Nigeria.

6. ML/TF/PF Risk Assessment Framework

Dr. Bills Exchange adopts a proactive Risk-Based Approach (RBA) to ensure resources are focused on areas of highest vulnerability. Standard KYC alone is considered insufficient; our framework evaluates the inherent risk of every user and transaction before applying calibrated controls.

Risk Identification Pillars

  • Customer Risk: Identification of PEPs, users from high-risk jurisdictions, or entities with opaque ownership structures.
  • Product & Service Risk: Assessing risks of Virtual Cards (anonymity/velocity) and Cryptocurrency Exchange (traceability/cross-border speed).
  • Geography Risk: Monitoring transactions originating from or destined for Grey-listed or Black-listed FATF jurisdictions.
  • Channel/Technology Risk: Evaluating risks from non-face-to-face onboarding and anonymity-enhancing technologies (e.g., mixers or privacy coins).

Risk Classification Matrix

Risk LevelCustomer ProfileRequired Controls
LOWLocal salary earners, students, and verified educational users of Dr. Bills Academy.Standard CDD, basic ID verification, and monthly transaction monitoring.
MEDIUMHigh-volume retail traders and corporate accounts with clear business purposes.Standard CDD + periodic reviews and velocity triggers on virtual card spending.
HIGHPEPs, non-resident foreigners, and users interacting with unhosted/private wallets.Enhanced Due Diligence (EDD), Proof of Wealth/Funds, and real-time Blockchain Analytics (KYT).

Technical Mitigation & Monitoring

  • Real-time Blockchain Forensics (KYT): We verify the Transaction (KYT) in addition to the Person (KYC). Any crypto-asset linked to darknet markets, scams, or sanctioned addresses is automatically frozen.
  • Virtual Card Velocity Limits: Automated systems flag layering behavior such as multiple small loads and rapid off-ramping — classic indicators of money laundering.
  • Travel Rule (FATF R.15): For transfers exceeding regulatory thresholds, originator and beneficiary information is securely transmitted.

Ongoing Risk Re-Assessment

  • Daily automated scans of the Sanctions List (OFAC, UN, SEC).
  • Quarterly enterprise-wide risk assessments to identify new Crypto Typologies.
  • Annual independent audits to ensure our RBA remains commensurate with the scale of operations.

7. Know Your Customer (KYC) & Identity Verification

All customers must undergo identity verification before accessing platform services. Dr. Bills Exchange employs a comprehensive KYC framework aligned with Busha and SEC VASP standards, with enhanced checks applied to higher-risk profiles.

As our regulated partner, Busha has real-time audit access to our KYC logs to ensure we meet the VASP Gold Standard. Any user blacklisted on Busha for suspicious activity is automatically blocked from Dr. Bills Exchange.

8. Tiers of KYC & Transaction Limits

Aligned with Busha & SEC VASP Standards

Dr. Bills Exchange implements a three-tier system that allows for financial inclusion while enforcing strict Value-at-Risk limits.

Tier 1 — Basic

Daily Limit: ₦50,000

Balance Limit: ₦300,000

Verification: BVN/NIN via NIBSS/NIMC API

  • Full Legal Name
  • Phone Number & Date of Birth
  • BVN or NIN
Tier 2 — Standard

Daily Limit: ₦2,000,000

Balance Limit: ₦3,500,000

Verification: Manual or AI-assisted review

  • Everything in Tier 1
  • Government-issued Photo ID
  • Verified Residential Address
Tier 3 — Advanced

Daily Limit: ₦1,000,000+

Balance Limit: Unlimited

Verification: Real-time facial recognition

  • Everything in Tier 2
  • Biometric Liveness Check
  • Proof of Source of Wealth

Critical Partnership Protocol: The "Busha Sync"

  • Uniformity: Our Tier 1–3 requirements are identical to Busha's. Users blacklisted on Busha are automatically blocked from Dr. Bills Exchange.
  • Audit Readiness: All Tier 2 and Tier 3 KYC documents are stored in encrypted format accessible for Busha Spot Audits to satisfy SEC regulators.
  • Cross-Platform Portability: Users who have completed Tier 3 on Busha may be offered Express Onboarding on Dr. Bills Exchange, maintaining a seamless regulated ecosystem.

9. Politically Exposed Persons (PEPs) Policy

Dr. Bills Exchange defines PEPs as individuals entrusted with prominent public functions, including governmental officials, senior executives of state-owned enterprises, directors of international organizations (e.g., UN, AU, ECOWAS), and their immediate family and close business associates (RCAs).

Risk Assessment & Minimization

StepActionDescription
IdentificationAutomated ScreeningAll users are screened against global PEP databases (e.g., Dow Jones, Refinitiv) during onboarding.
Risk ScoringTiered ClassificationForeign PEPs are automatically High Risk. Domestic PEPs are evaluated based on seniority and influence.
AuthorizationSenior Management ApprovalNo PEP account can be activated without formal sign-off from the Chief Compliance Officer (CCO).
MinimizationEnhanced Due Diligence (EDD)Source of Wealth (SoW) and Source of Funds (SoF) checks are mandatory to ensure money is not from public coffers.
  • Data Governance: A dedicated PEP Register is maintained, with Declassified PEPs (former officials) tracked for 12–24 months after leaving office.
  • Transaction Monitoring: PEP accounts are subject to real-time monitoring; unusual velocity or high-risk wallet interactions trigger an immediate STR.
  • The Proxy Rule: Close Associates and Immediate Family are treated with the same level of scrutiny as the PEP themselves, and automatically subjected to EDD.

10. Sanctions Compliance & Internal Enforcement

Dr. Bills Exchange maintains a Zero-Tolerance Policy regarding interactions with sanctioned individuals, entities, or jurisdictions. We perform real-time screening against UNSC, OFAC, EU, SEC Nigeria, and NFIU sanctions lists.

Protocol for a Sanctions Match

  • Immediate Freeze: The account and all associated crypto/fiat assets are frozen instantly without prior notice to the user.
  • Regulatory Notification: A report is filed with the NFIU and the SEC within 24 hours.
  • Prohibited Jurisdictions: We do not provide virtual cards or exchange services to residents of FATF-identified High-Risk (Black-listed) countries.

Internal Enforcement & Penalties (Staff)

ViolationPotential Penalty
Negligence

Failure to collect required KYC documents.

Formal Warning & Mandatory Retraining.
Willful Blindness

Purposely ignoring Red Flags or high-risk activity.

Suspension & Final Warning.
Tipping Off

Informing a customer they are under investigation.

Termination of Employment & Referral to EFCC/NFIU.
Collusion/Fraud

Assisting a user in laundering funds or bypassing tiers.

Immediate Dismissal & Criminal Prosecution.

11. Audit, Monitoring & Policy Review

The Internal Audit/Compliance Team is mandated to conduct objective, periodic reviews to provide assurance to the Board and Busha that our AML/CFT/CPF framework is effective and compliant with SEC, NFIU, and EFCC requirements.

Audit Scope

  • KYC/CDD Verification: Testing the accuracy of Tier 1–3 onboarding and the validity of biometric Liveness checks.
  • Transaction Monitoring (KYT): Reviewing effectiveness of blockchain forensic tools in flagging Red Flag wallet addresses.
  • Reporting Accuracy: Verifying all STRs and CTRs were filed correctly and within the 24-hour regulatory window.
  • Staff Training Validation: Ensuring 100% of the team have completed mandatory annual compliance certifications.

Annual Policy Review & Revision

This policy is subject to a mandatory formal review every 12 months, or sooner if triggered by:

  • Legislative shifts — new SEC directives or amendments to the Money Laundering Act 2022.
  • Partnership requirements — updates to Busha's internal compliance standards.
  • Emerging typologies — new FATF or NFIU-identified methods of financial crime targeting virtual assets.
  • Operational expansion — launching new product features such as cross-border payment gateways.

12. Board Signatory Page

This AML/CFT/CPF Policy has been reviewed and formally adopted by the Board of Directors of Dr. Bills Exchange. By signing below, the Board affirms its commitment to maintaining a compliant and transparent financial ecosystem.

Chairman of the Board

SignatureDate

Executive Director (Compliance)

SignatureDate

Chief Compliance Officer (CCO)

SignatureDate