Compliance and Regulatory Policy
Effective Date: 01 Dec 2024
STAAR PAYOUT PRIVATE LIMITED (“Company,” “we,” “our,” or “us”) is committed to ensuring compliance with applicable laws, regulations, and industry standards. This Compliance and Regulatory Policy outlines the practices and measures we follow to meet our regulatory obligations and ensure ethical operations.
1. Purpose
The purpose of this policy is to:
- Outline the regulatory frameworks and guidelines we adhere to.
- Establish practices for maintaining compliance with applicable laws and standards.
- Promote transparency, accountability, and ethical business conduct.
2. Regulatory Framework
The Company complies with the following laws, regulations, and standards:
a. Indian Regulatory Framework
- Information Technology Act, 2000: Ensuring secure electronic transactions and data protection.
- Reserve Bank of India (RBI) Guidelines: Adherence to IT and payment system frameworks applicable to financial technology providers.
- Goods and Services Tax (GST): Compliance with tax laws for invoicing and service delivery.
b. International Standards (if applicable)
- ISO 27001: Adhering to best practices for information security management.
- General Data Protection Regulation (GDPR) (for international data): Ensuring data protection for users in applicable jurisdictions.
3. Anti-Money Laundering (AML) and Know Your Customer (KYC)
AML Compliance
- We adhere to anti-money laundering regulations by monitoring transactions and reporting suspicious activities to authorities.
- Regular audits are conducted to ensure compliance with AML guidelines.
KYC Requirements
- Clients must provide accurate and valid identification documents during onboarding.
- We reserve the right to suspend or terminate services for non-compliance with KYC requirements.
4. Data Privacy and Security
Data Protection
- All data is processed in compliance with applicable data protection laws, including the Information Technology Act, 2000.
- Secure encryption is implemented for data storage and transmission.
Data Retention
- Personal and transactional data is retained only for as long as necessary to meet regulatory and operational requirements.
5. Internal Compliance Measures
Policies and Training
- Employees are trained annually on compliance, data security, and ethical practices.
- Internal policies are reviewed and updated regularly to align with regulatory changes.
Audit and Monitoring
- Regular audits are conducted to evaluate compliance with regulatory requirements.
- Non-compliance issues are addressed promptly through corrective actions.
6. Third-Party Compliance
- All third-party service providers must comply with our data protection and security standards.
- Contracts include clauses to ensure adherence to applicable laws and regulations.
7. Reporting and Accountability
Incident Reporting
- Any regulatory breaches or non-compliance incidents must be reported immediately to the compliance team.
- A dedicated compliance officer oversees incident management and reporting to authorities if required.
Whistleblower Policy
- Employees and stakeholders can report unethical behavior or regulatory violations confidentially.
- Reports will be investigated promptly, and appropriate action will be taken.
8. Updates to This Policy
The Company reserves the right to update this policy periodically to reflect changes in laws, regulations, or operational practices. Updates will be communicated via email or posted on our website.
9. Contact Us
For questions or concerns regarding this Compliance and Regulatory Policy, please contact us:
STAAR PAYOUT PRIVATE LIMITED
A-1/2, First Floor, Shakti Nagar Extension, Ashok Vihar, North West Delhi, Delhi, Delhi, India, 110052