Anti-Money Laundering and Counter-Terrorist Financing Policy

Version: 1.0
Effective date: 10 November 2022
Contact: contact@fgcapitaladvisors.com


1) Policy statement

FG Capital Advisors (“FGCA”, “the Firm”) has zero tolerance for money laundering, terrorist financing, sanctions breaches, and predicate offences such as bribery, fraud, or tax evasion. We apply a risk-based approach across all services. If a customer, transaction, or relationship cannot meet our standards, we do not proceed. No revenue target overrides this rule.


2) Scope

This policy applies to all FGCA directors, employees, contractors, and temporary staff. It covers:

  • Client onboarding and engagement
  • Acceptance of fees and expenses
  • Advisory work, introductions to regulated counterparties, and ongoing relationship management
  • Third-party and outsourced service providers acting for FGCA


3) Legal and regulatory framework (United Kingdom)

FGCA follows UK law and guidance, including:

  • Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, as amended (“MLR 2017”)
  • Proceeds of Crime Act 2002 (“POCA”)
  • Terrorism Act 2000
  • Sanctions and Anti-Money Laundering Act 2018, and HM Treasury/OFSI sanctions
  • FCA Handbook systems and controls expectations (where applicable)
  • JMLSG Guidance for the UK financial sector
  • UK GDPR and Data Protection Act 2018

Where we work with clients or partners in other countries, we also respect applicable local AML/CFT and sanctions rules.


4) Roles and responsibilities

Board/Senior Management

  • Set risk appetite, approve this policy, ensure resources and oversight.

MLRO

  • Keeps the business-wide risk assessment current
  • Maintains policies, screens higher-risk cases, and provides consent or rejection
  • Receives internal suspicious activity reports (SARs)
  • Files SARs to the UKFIU/NCA and manages any “consent” requests and moratorium periods
  • Reports to Senior Management at least quarterly

All staff

  • Complete AML/CFT training
  • Follow procedures and escalate concerns to the MLRO immediately
  • Do not “tip off” any person who is the subject of a suspicion


5) Business model and inherent risk

FGCA is a corporate finance advisor and arranger. We do not accept or hold client investment funds. Fees are the only funds we receive. Placement, custody, and settlement occur through regulated partners, who complete their own KYC/AML. Our main residual risks are:

  • Complex corporate structures and cross-border clients
  • High-risk sectors or jurisdictions
  • Third-party fee payments and refund requests
  • Politically Exposed Persons (PEPs) and sanctions exposure

Controls in this policy address these risks.


6) Risk-based approach

Business-wide risk assessment (BWRA). The MLRO maintains the BWRA covering products, delivery channels, client types, geographies, and counterparties. It is reviewed at least annually or after material change.

Client risk rating. Every client is risk-rated at onboarding and reviewed during the relationship. Risk factors include:

  • Ownership and control, use of nominees, trusts, bearer shares
  • Jurisdiction risk (FATF lists, HM Treasury advisories, sanctions)
  • Adverse media and litigation
  • Delivery channel (non-face-to-face, intermediaries)
  • Source of funds and source of wealth

Higher risk triggers enhanced due diligence (EDD) and senior management sign-off.


7) Prohibited relationships and transactions

FGCA will not onboard or continue with:

  • Sanctioned persons or entities, or those owned or controlled by them
  • Clients linked to comprehensively sanctioned countries
  • Shell banks and anonymous or numbered accounts
  • Unclear or unverifiable beneficial ownership
  • Requests to accept cash, virtual assets, or third-party payments that cannot be fully verified
  • Attempts to bypass controls, pressured timelines with incomplete KYC, or requests to back-date documents


8) Customer due diligence (CDD)

When CDD is required

  • Before entering into an engagement
  • When risk changes or doubts arise about prior data
  • On occasional transactions that meet MLR thresholds

Individuals

  • Full name, DOB, nationality, residential address
  • Government photo ID and proof of address (certified where required)

Companies and other legal persons

  • Legal name, number, registered office, trading address
  • Governing documents and active status
  • Directors and senior management
  • Beneficial owners: any natural person with 25% or more ownership or control, or otherwise exercising control
  • For trusts and similar structures: settlor(s), trustee(s), protector(s) if any, and beneficiaries

Verification

  • Independent and reliable sources: company registries, government data, regulated e-ID providers, notarised or certified copies, liveness checks for remote onboarding

Source of funds and source of wealth

  • Evidence commensurate with risk: bank statements, audited accounts, contracts, payslips, sale agreements, tax returns, or other credible proof

Reliance on third parties

  • Only under MLR 2017 reliance provisions with written assurance and immediate access to underlying CDD. FGCA remains responsible for its own risk assessment.


9) Enhanced due diligence (EDD)

EDD applies to, at minimum:

  • PEPs, their family members, and close associates
  • High-risk third countries
  • Complex ownership or unexplained structures
  • Adverse media with integrity risk
  • Non-face-to-face onboarding without robust verification
  • Requests involving refunds, overpayments, or unusual fee behaviour

EDD measures may include:

  • Senior management approval
  • Additional identification and verification
  • Detailed source of wealth and source of funds
  • Independent references or professional attestations
  • Tighter payment controls and more frequent reviews


10) Sanctions and screening

  • Screen all clients, beneficial owners, connected parties, and relevant transactions against UK sanctions (OFSI), UN lists, and other major lists where relevant.
  • Re-screen on material changes or at least quarterly for higher-risk cases.
  • If a match is confirmed, freeze any relevant activity, notify the MLRO at once, and report to OFSI where required. Do not proceed without clearance.


11) Transaction controls and payments

  • FGCA only accepts fees and agreed expenses. We do not receive, hold, or move client investment capital.
  • No cash.
  • No virtual assets or stablecoins.
  • Payments must come from and be returned to an account in the client’s legal name. Third-party payments are rejected unless pre-approved by the MLRO with full verification.
  • Split payments, circular flows, or overpayments followed by refund requests are red flags and require MLRO approval.
  • Where we introduce clients to regulated partners, we confirm those partners have appropriate AML/CFT controls and licensing.


12) Ongoing monitoring

  • Maintain up-to-date KYC and risk ratings.
  • Review trigger events: ownership changes, negative media, sanctions updates, unusual payment patterns, or scope changes.
  • For higher-risk clients, perform periodic reviews at least annually.


13) Suspicious activity reporting

Internal SAR. Staff must escalate suspicions to the MLRO immediately using the internal SAR channel. Include facts, reasons, and supporting evidence.

External SAR. The MLRO files to the UKFIU/NCA via SAR Online where suspicion meets the POCA threshold.

  • Where a Defence Against Money Laundering (DAML) is required, we will not proceed until consent is granted or the 7 working day period expires without refusal. If refused, the statutory moratorium applies for up to 31 calendar days.

Tipping off. Do not alert the client or any third party to the fact of a SAR or investigation.


14) Record-keeping and data protection

  • Keep CDD, risk assessments, and transaction records for five years from the end of the relationship or the date of the last transaction, whichever is later.
  • At the end of the retention period, delete records unless lawfully required to keep them longer or with valid client consent.
  • Handle personal data under UK GDPR and DPA 2018. Use, storage, access, and sharing are restricted to legitimate purposes. Data subjects can exercise their rights unless restricted by law enforcement needs.


15) Staff screening, training, and attestations

  • Pre-employment screening includes identity checks, references, and, where appropriate, criminal record checks in line with law.
  • AML/CFT training at induction and at least annually. Extra role-specific training for onboarding, payments, and senior management.
  • All staff attest annually that they understand and will follow this policy.


16) Third parties and outsourcing

  • Conduct due diligence on introducers, consultants, and outsourced providers.
  • Set clear contractual obligations on AML/CFT, sanctions, confidentiality, and audit rights.
  • Monitor performance and escalate issues to the MLRO.

17) Politically Exposed Persons (PEPs)

  • Identify PEPs at onboarding and during the relationship.
  • Apply EDD, obtain senior management approval, establish source of wealth, and set tighter monitoring.
  • Consider de-PEP status only after a documented, risk-based period.


18) Bribery, corruption, and tax integrity

  • FGCA forbids bribery and improper payments under the UK Bribery Act 2010.
  • We decline engagements where the tax integrity of the client or transaction is in doubt and cannot be resolved with credible evidence.


19) Breaches, discipline, and whistleblowing

  • Breaches are reported to the MLRO and Senior Management. Disciplinary action may include warnings, suspension, or dismissal.
  • Staff can report concerns in confidence to the MLRO or via a designated whistleblowing channel without fear of retaliation.


20) Governance, assurance, and policy review

  • The MLRO performs ongoing quality checks and issues quarterly reports to Senior Management.
  • Independent review or internal audit is carried out at least annually, or after material changes or incidents.
  • This policy is reviewed at least once a year. Updates require Senior Management approval.


21) Contact

Questions, escalations, and internal SARs should be sent to the MLRO. Email: contact@fgcapitaladvisors.com


22) Quick procedure checklist

  1. Pre-engagement – Initial screening, conflicts check, basic KYC feasibility.
  2. CDD/EDD – Collect and verify identity, beneficial ownership, SoW/SoF as required. Risk-rate the client.
  3. Sanctions/PEP screen – Clear or escalate to MLRO.
  4. Engagement – Contract only after KYC clearance and approvals.
  5. Payments – Fees from the client’s own bank account only. No cash. No crypto.
  6. Monitoring – Keep KYC current, re-screen, and review when risk changes.
  7. Suspicion – File internal SAR to MLRO at once. Do not tip off.
  8. Exit – If standards are no longer met, disengage and consider SAR.


Appendix A — Minimum KYC pack (illustrative)

Individuals

  • Passport or national ID
  • Proof of address dated within 3 months
  • Source of funds evidence

Companies

  • Certificate of incorporation and register extracts
  • Memorandum and articles, board resolution to engage FGCA
  • Share register and ultimate beneficial owner declaration
  • IDs and proof of address for directors/UBOs
  • Source of funds and source of wealth evidence
  • Organisational chart and authorised signatory list


Approved by Senior Management: 10 November 2022.

Contact Us