Xpesa Ltd. ("Xpesa") is a company duly incorporated under the laws of Malta and runs a transparent and legal virtual currencies exchange. Persons availing any of the services from Xpesa, or engaging in transactions on any digital and/or non digital platform provided or operated by Xpesa, directly or indirectly shall be referred to as the "Users". Gimibits is a brand of Xpesa and is wholly owned by Xpesa.

The Anti Money Laundering Rules is an agreement between Xpesa and User(s), which is binding on the User(s). The User(s)is/are required to comply with the terms of the Anti Money Laundering Rules ("AML Policy") at all times and any instance of non-compliance shall result in the termination of such User's accounts on the Xpesa platform, and in appropriate reporting of the circumstances of such non-compliance and such termination to the relevant statutory authorities. In order to prevent misuse of the services provided by Xpesa, the Users are required to strictly comply with the terms of this AML Policy contained herein, which forms part and parcel of the Xpesa Terms and Conditions, Privacy Policy and KYC Policy.

Users are mandated to read, review, understand and then agree to the terms provided hereunder before using or availing any Xpesa services through the Website and/or App ("Xpesa platform").

This AML Policy supersedes and replaces any and/or all prior oral or written understanding or agreements between Xpesa and the User with respect to the AML Policy.


1.1 Xpesa shall maintain a record of, and shall evolve an internal mechanism to detect the following:

  • i) Details pertaining to the User transactions, including but not limited to:
    • a) The nature of the transactions;
    • b) The amount of the transaction;
    • c) The date on which the transaction was conducted; and
    • d) The parties to the transaction.
  • ii) All details for the following categories of the User transactions, separately from those recorded under sub clause (i) of clause 1.1 above:
    • a) User Transactions of value of at least $10; and
    • b) User transactions that are connected to each other and that take place within a month of each other, with a monthly aggregate of at least $100.
  • iv) Credits or debits into or from any non-monetary accounts such as external cryptocurrency wallets in any currency maintained by Xpesa;
  • v) Money transfer or remittances in favor of own Users or non-Users and to third party beneficiaries, including transactions on its own account in any currency by any of the following:
    • a) Demand drafts, or
    • b) Telegraphic or wire transfers or electronic remittances or transfers, or
    • c) Internet transfers, or
    • d) Automated Clearing House remittances, or
    • e) Any other mode of money transfer by whatsoever name called;
  • vi) Letters of credit, standby letters of credit, guarantees, comfort letters, solvency certificates and any other instrument for settlement and/or credit support;
  • vii) Collection services in any currency by way of the collection of bills, cheques, instruments or any other mode of collection in whatsoever name it is referred to.


2.1. Xpesa shall maintain hard and soft copies of the above-mentioned records of transactions under clause 1 of this AML Policy in accordance with the procedure and manner, as may be specified under the Xpesa Terms and Conditions, Privacy Policy and/or any other applicable laws or regulations, from time to time.


  • 3.1 In accordance with clause 4.1 of the Xpesa Privacy Policy, Xpesa shall protect and not share the User(s) information consciously with any third party. Although, Xpesa may be required and/or directed to cooperate and aid the government and/or any law enforcement authorities, police, investigating agencies, or any Tribunals and/or Courts within the territory of Malta or from outside the said territory in any disclosure of any User(s) related information.
  • 3.2 In cases of disclosure of information under clause 3.1 above, subject to the applicable laws with respect to the data protection, Xpesa shall be entitled to disclose any information about the User(s) that is in its possession or control, including disclosure to any government or law enforcement officials, police, investigation agencies, Tribunals or Courts within the territory of Malta.
  • 3.3 In particular, Xpesa shall be entitled to initiate processes and disclosures, including but not limited to the following circumstances:
    • i) Information pertaining to or in pursuance of claims and legal process (such as summons/warrants);
    • ii) To protect Xpesa's property, rights &safety and/or the property, rights & safety of a third party and/or the public in general;
    • iii) To identify and stop any activity that Xpesa considers illegal, unethical and/or legally actionable.
  • 3.4 Xpesa may, if so required under the applicable laws and regulations, disclose the following information to the Director of the Financial Intelligence Unit-Malta, as appointed under the Prevention of Money Laundering Act, 2002 (PMLA):
    • i) Name, designation and address of the Designated Person(s) including Designated Director, the Principal Officer and all Senior Management;
    • ii) User transactions listed in clause 1 (a) (II) above by the 5th day of each succeeding month or more frequently if so instructed by the authorities;
    • iii) User transactions listed in clause 1 (a)(iii) within 1 working days (or more frequently) of being satisfied that the transaction in question are suspicious in nature, if so instructed by the authorities.
  • 3.5 Xpesa also compiles records, audit and compliance notes to determine the efficacy of its internal audit systems on an ongoing basis and such notes are submitted to Xpesa's internal audit committee on a quarterly basis for this purpose.


  • 4.1 Xpesa's Terms and Conditions and the Know Your Customer Policy ("KYC") incorporate requirements pertaining to the verification process.
    • 1) For Users:

      In addition to the requirements under clauses 2(c) and 2(d) of the Xpesa Terms and Conditions and clause 3 of the Xpesa's KYC Policy, the User(s) needs to comply with this AMLPolicy as follows:

      • a) If Xpesa engages a third party to carry out the User identification process, Xpesa shall ensure that:
        • i) It obtains the User(s) due diligence carried out by the third party within 2 business days;
        • ii) Adequate steps are taken to ensure that copies of any part of the User due diligence is made available by such third party without delay, upon request;
        • iii) It is satisfied that the third party is regulated, supervised or monitored by, and complies with due diligence and record-keeping requirements prescribed under, the PMLA.
        • iv) Such third party is not based in a high-risk jurisdiction (areas where there is higher chance of money laundering or terrorism financing);
        • v) No decision-making functions of Xpesa are outsourced to such third party;
        • vi) Users are not required to provide any additional copies of officially valid documents to such third-party;
        • vii) Xpesa is responsible for User(s) due diligence; and
        • viii) Xpesa shall comply with all other requirements that may be prescribed under all relevant anti-money laundering rules and regulations.
      • b) User(s)is/are not permitted to act on behalf of another User, and can only transact on the Xpesa platform on their own account, with their own funds, and for their own benefit.
      • c) User(s)is/are not permitted to open any of the following:
        • i) An anonymous account;
        • ii) An account under a fictitious name; or
        • iii) An account on behalf of other persons whose identity is undisclosed and/or non-verifiable
      • d) No accounts shall be opened and/or registered by Xpesa for any User(s) who appears on thesanctioned lists (United Nations Security Council's ISIL (Da'esh) & Al-Qaida Sanctions List, or on its 1988 Sanctions List) as referred in the RBI's Master Circular RBI/2013-14/94DBOD.AML.BC.No.24/14.01.001/2013-14dated 1st July, 2012with the amendments to the sanctioned lists in RBI Notification RBI/2015-16/323, DBR.AML.No.10293/14.06.001/2015-16,dated 16 February 2016or any other subsequent such notifications.
      • e) Xpesa shall not use the KYC records of any User for any purpose other than the verification of identity and/or address, and shall not be allowed to transfer such records to any third party without prior written authorization of such User, or the Director or other regulator appointed under the Prevention of Money Laundering Act, 2002. All information collected from the User(s)shall be treated as confidential on the Xpesa platform. Requests for any information that is not mandatory shall be labeled as optional.
    • 2) For Transactions
      • a) Xpesa shall exercise ongoing due diligence with respect to the business relationship with every User and closely examine the transactions in order to ensure that they are consistent with their knowledge of the User(s), his/her business and/or risk profile and/or where necessary, the source of funds.
      • b) Xpesa shall also review its due diligence measures and undertake measures to re-verify the identity of a User(s) and obtain further information on User's activities, if it has any suspicion(s) of money laundering or the financing of terrorism. This provision shall be read in consonance with clause 3 of the Xpesa KYC Policy.
      • c) Xpesa shall periodically verify the identity of all Users to determine whether there are any matches with any names appearing on any of the Government of Malta's sanctioned lists.
      • d) In the event that it is brought to Xpesa's attention that a particular User(s)and/or account is maintained under a fictitious name, Xpesahas full rights and authority to suspend pending investigation and/or terminate such an account with immediate effect and without prior notice to the User(s).
      • e) Xpesa shall, in particular, monitor the following categories of transactions, and shall conduct due diligence on an ongoing basis on them:
        • i) Large, complex transactions, including those with unusual patterns that are inconsistent with the User's normal and/or expected level of activity, without an apparent economic rationale or legitimate purpose; and
        • ii) Transactions that involve high account turnover, inconsistent with the size of the balance ordinarily maintained by a User(s).


  • 5.1 The User(s) hereby agrees and undertakes to not indulge, assist, abet and encourage in any manner whatsoever, in any activity involving money laundering or financing illegal or unlawful activities on the Xpesa platform.


  • 6.1 This agreement (the AML Policy) shall be governed by and construed in accordance with the laws of Malta. The exclusive jurisdiction and venue of any action with respect to the subject matter of these terms under the AML Policy shall be as per the Xpesa Terms and Conditions, Privacy Policy and KYC Policy i.e. the courts in Malta.
  • 6.2 By sign-up and registering on our platform, the User(s) hereby gives his/her informed consent to this AML Policy, the terms and conditions, privacy policy and/or any other rules or regulations made by Xpesa from time to time.


  • 7.1 This Agreement (the AML Policy) shall bind and inure to the benefit of the parties, and their respective successors and permitted assigns.


  • 8.1 The invalidity or unenforceability of any provision of this Agreement shall not in any way affect, impair or render unenforceable, this Agreement or any other provision contained herein, which shall remain in full force and effect.
  • 8.2 This Agreement shall be considered divisible as to such provision, which is deemed to be invalid or unenforceable and the remainder of this Agreement shall be enforceable and binding on the Parties.


  • 9.1 No omission or delay on the part of Xpesa in enforcing any of its rights or powers hereunder shall be deemed to constitute a waiver of any of Xpesa's rights to exercise such rights and powers and, in any event, shall not constitute or be construed as a continuing waiver.


  • 10.1 This Agreement and the other agreements contemplated hereby constitute the entire agreement.


  • 11.1 This Agreement is subject to confirmation by the Government of Malta of the legality of facilitating the dealing in crypto currencies (including bitcoins), and in the event that the Government of Malta was to hold that transactions involving crypto currencies are invalid or illegal or prohibited in Malta, this Agreement shall stand automatically terminated without further notice to the User(s).
  • 11.2 Xpesa has given full disclosure of the current Government regulation in relation to Xpesa's business and regulatory status to the User(s). The present regulatory status and permissibility of the use of crypto currencies, including bitcoins, in Malta.


  • 12.1 Xpesa shall appoint Person(s) as required under Applicable Law, along with setting up a compliance team, who shall be responsible for ensuring compliance, monitoring transactions, and sharing and reporting information as required under the law/regulations.


  • 13.1 The terms of this AML Policy may be periodically reviewed and revised. The revised terms shall be uploaded on the Xpesa website and/or App and shall reflect the modified date of the terms. The User(s) is required to periodically visit the Xpesa website and/or App and review terms and any changes there to.
  • 13.2 User's continued use of the Xpesa services constitutes the acceptance of the User(s) to the terms of the AML Policy contained herein and any amendments there to.
  • 13.3 This agreement and/or the responsibilities and/or benefits arising therefrom cannot be assigned by the User(s) save and except with the prior written consent of Xpesa which shall be as per the Xpesa's Terms and Conditions, Privacy Policy, KYC Norms and this AML Policy.


  • 14.1 All other provisions of the Xpesa Terms and Conditions, Privacy Policy and KYC Policy shall be read into this policy and shall form part here of, including Governing Laws and Jurisdiction, notices, severability, assignment and such or other provisions.