QRPayLinkQRPayLink
AML Policy

Anti-Money Laundering & CFT Policy

Effective January 1, 2026

QRPayLink is committed to preventing money laundering, terrorism financing and any criminal misuse of our payment platform. This policy outlines our obligations, the rules merchants must follow, and the controls we operate to keep Ghana and Nigeria's payments ecosystem safe.

1. Regulatory framework

QRPayLink operates as a technology platform on top of Paystack, a fully licensed payment service provider. We adhere to:

  • The Bank of Ghana’s Anti-Money Laundering Act, 2020 (Act 1044) and related Guidelines on AML/CFT for Payment Service Providers.
  • The Central Bank of Nigeria’s AML/CFT Regulations and the EFCC’s Money Laundering (Prevention and Prohibition) Act 2022.
  • Financial Action Task Force (FATF) recommendations and global card-scheme rules (Visa, Mastercard, Verve).

2. Know Your Customer (KYC) & Know Your Business (KYB)

Before merchants can receive real payments or withdraw funds, we collect and verify:

  • Legal full name, phone, email and country of operation.
  • Government-issued identity document: Ghana Card or Passport (Ghana); NIN, National ID or Passport (Nigeria).
  • A live selfie matched against the ID document.
  • Business name, business type and settlement bank account / mobile-money number.
  • Where applicable, business registration (Ghana TIN, Nigerian CAC/TIN).

Submissions are reviewed by our compliance team within 24 hours. Higher-volume merchants undergo Enhanced Due Diligence (EDD), including ownership verification and source-of-funds checks.

3. Prohibited activities

Merchants must not use QRPayLink to receive payments for:

  • Money laundering, terrorism financing, sanctions evasion or proceeds of crime.
  • Unlicensed financial services, investment schemes, FX trading or crypto exchange.
  • Illegal gambling, lottery or betting without the appropriate licence.
  • Sale of narcotics, weapons, counterfeit goods, stolen property or pirated content.
  • Adult content involving minors, human trafficking, or any activity that violates Ghanaian, Nigerian or international law.
  • Pyramid, Ponzi or chain-marketing schemes.

Violations result in immediate suspension and reporting to the relevant Financial Intelligence Unit (FIU).

4. Transaction monitoring

Every transaction on QRPayLink is monitored in real time against a risk-scoring engine that flags:

  • Sudden spikes in volume or ticket size.
  • Unusual geographies, IP / device anomalies and velocity patterns.
  • Repeated card-testing or chargeback patterns.
  • Structuring (transactions deliberately split to stay below reporting thresholds).
  • Names appearing on UN, OFAC, EU, or local sanctions and PEP lists.

Flagged transactions may be held, reversed, or escalated for manual review.

5. Suspicious transaction reporting

Where transactions or merchant behaviour suggests money laundering, terrorism financing or other financial crime, our Money Laundering Reporting Officer (MLRO) files a Suspicious Transaction Report (STR) with:

  • The Financial Intelligence Centre (FIC) of Ghana, or
  • The Nigerian Financial Intelligence Unit (NFIU), as appropriate.

By law we cannot disclose to the merchant that a report has been filed (“no tipping off”).

6. Account suspension & termination

QRPayLink reserves the right, at any time, to:

  • Request additional information or supporting documents.
  • Hold funds pending review where transactions appear suspicious.
  • Suspend access to the dashboard, QR codes, payment links and APIs.
  • Terminate the account and notify regulators, payment partners and law enforcement.

Funds related to verified illegal activity may be frozen and returned to victims, refunded to issuing banks, or forfeited under court order.

7. Counter-terrorism financing (CFT)

We screen all merchants and beneficiaries against international sanctions and counter-terrorism lists (UN Security Council, OFAC, EU, HM Treasury, ECOWAS) at onboarding and continuously thereafter. Any match triggers immediate suspension and regulatory reporting.

8. Record keeping

We retain KYC documents, transaction records and risk decisions for a minimum of seven (7) years as required by Ghanaian and Nigerian AML regulations, even after an account is closed.

9. Staff training & governance

QRPayLink employees with access to merchant data complete mandatory AML/CFT and data-protection training annually. Our MLRO reports directly to senior management and to our payment partners (Paystack, banks).

10. Merchant cooperation

By using QRPayLink you agree to:

  • Provide truthful, accurate information at onboarding and on request.
  • Notify us within 30 days of any material change to your business, beneficial ownership or settlement bank.
  • Respond to compliance enquiries within 7 business days.
  • Maintain books and records of your underlying transactions as required by Ghanaian / Nigerian tax law.

11. Contact our compliance team

To report suspicious activity, request information about your account, or raise a compliance concern:

compliance@qrpaylink.com · support@qrpaylink.com