TLDR
Radical Transparency: A simple, pay-as-you-go model with no hidden fees or long-term contracts.
Built for Flexibility: Start with our Business Plan for core Hub features and scale instantly with "plug-and-play" add-ons (eKYC, Screening, Monitoring) only when you need them.
Technical Partnership: Direct access to our CTO to ensure seamless API integration and security alignment with your existing tech stack.
Corporate Profile
Anqa Compliance is a financial crime compliance technology company delivering unified AML/CFT capability for regulated institutions and regulated market participants. Anqa’s focus is to turn AML/CFT obligations from a fragmented operational burden into a structured institutional capability that supports safer growth, stronger governance, improved risk outcomes, and operational efficiency.
Anqa provides a unified AML/CFT platform built as an integrated ecosystem rather than a collection of point solutions. The platform is modular, enabling institutions to deploy what they need first and expand across the full compliance lifecycle without re-platforming. Onboarding, screening, monitoring, investigations, and reporting operate as one connected operating model with shared data, consistent workflow control, and end-to-end auditability across modules.
Anqa’s platform is built on enterprise cloud infrastructure with an architecture designed for scale, resilience, and regulator-ready control. The platform supports high throughput and strong performance, including high daily transaction processing capacity and real-time screening performance suitable for large-scale onboarding and continuous monitoring environments.
Scalable, Transparent Financial Crime Compliance
FreshPay Money Transfer SARL (FreshPay Money Transfer) operates in one of the world's most challenging AML compliance environments. The Democratic Republic of Congo's FATF Grey List status requires FreshPay Money Transfer to demonstrate robust, regulator-ready AML controls that meet international standards. Anqa Compliance is uniquely positioned to meet this challenge, bringing together global enterprise expertise and deep local knowledge.
Anqa is an enterprise-grade AML/Compliance Platform validated by Microsoft's Global Enterprise Innovation Program and purpose-built for financial institutions operating in African regulatory jurisdictions. Unlike global AML vendors who treat Africa as an afterthought, Anqa was designed from the ground up for FATF Grey List environments, with deep coverage of GABAC, BCC, CENAREF, and regional African regulatory frameworks.
Our leadership team combines global expertise with a strong African presence, ensuring delivery, client engagement, and regulatory alignment are rooted in the DRC's financial ecosystem. COO Michael Osimbo and CTO Joel Barasa are Nairobi-based shareholders, anchoring our long-term commitment to the region.
Why Anqa for FreshPay Money Transfer
DRC-specific compliance: Integrated GABAC, BCC, and CENAREF frameworks; goAML-ready SAR/STR submission for CENAREF reporting.
African watchlist coverage: UN, OFAC, African Union, SADC, ECCAS, GABAC member lists, EU, UK HM Treasury, plus regional African regulators — all updated daily.
Proven African fintech track record: COO Michael Owino led delivery of live IPRS/eCitizen integrations and a 114,000+ user fintech platform (Instacash) in East Africa.
Scale-ready from Day 1: Architected to handle 500M+ transactions/day; FreshPay Money Transfer's projected Year 2 volume of 400,000 transactions/month represents less than 0.01% of platform capacity.
Fast deployment: Go-live within 3 weeks of contract execution; no lengthy implementation projects.
Anqa's leadership team brings 25+ years of AML and fintech expertise spanning ANZ Bank, ICBC NZ, the NZ Ministry of Justice, and East African fintech deployments. We understand what FATF Grey List scrutiny means in practice, and we have built a platform that turns compliance obligations into a competitive advantage.
Leadership and Governance Capability
Anqa’s leadership combines strategic AML/CFT credibility, regional delivery execution, and enterprise-grade technical governance.
Daniel Rogers is Chief Executive Officer and Founder, with more than 25 years of experience in financial services and financial crime compliance. He implemented New Zealand’s AML Act into a major institutional bank division environment and advised ICBC Bank New Zealand on compliance frameworks. He served as an appointed advisor to the New Zealand Ministry of Justice on the national AML/CFT Industry Advisory Group, contributing to regulatory policy.
His expertise spans digital identity, FATF-aligned compliance, biometric systems, verifiable credentials, and decentralised identity. Daniel established Anqa’s five-phase implementation methodology: scope, documentation, Agile build and testing, go-live, and post-implementation review.
Michael Osimbo is Chief Operating Officer & Shareholder, Nairobi-based, responsible for technical delivery and client engagements. He has delivered compliance technology and interoperability initiatives connecting institutions with national infrastructure and registries, embedding AML/CFT controls into operational systems. He launched digital payment channels with integrated AML controls and led compliance and payments infrastructure design across multiple jurisdictions in regulated cross-border payments environments.
Joel Barasa is Chief Technology Officer & Shareholder, and an Enterprise Solutions Architect aligning strategic architectural governance with practical execution. He has over a decade of experience designing and implementing enterprise-grade architectures for digital banking and payments across multiple regions. He has architected cloud-native digital card issuance and cross-border remittance platforms, specialising in microservices and event-driven systems. He has implemented AI-driven anomaly detection models to flag potential fraud and suspicious patterns in real time, improving risk management and reducing false positives in compliance workflows. His work aligns to international standards including PCI DSS and ISO 20022, ensuring technology roadmaps remain aligned with both business goals and regulatory requirements.
Strategic Partnerships and Technology Foundation
Anqa is recognised within Microsoft’s global enterprise innovation ecosystem and operates on Microsoft Azure. This alignment strengthens Anqa’s enterprise positioning, including cloud security, governance, and scalable architecture delivered through Azure enterprise-grade controls and infrastructure resilience.
Anqa supports optional premium data enablement through LexisNexis Risk Solutions for enhanced intelligence coverage such as deeper PEP hierarchies, extended adverse media, and beneficial ownership intelligence. Anqa is data-provider agnostic and integrates with alternative global data sources through plug-and-play APIs, aligning to existing institutional vendor contracts and coverage requirements and avoiding lock-in.
Platform Architecture
Anqa is a cloud-native platform comprising 12 purpose-built microservices, each independently scalable and deployable. This modular design lets FreshPay Money Transfer deploy only what is needed initially and expand incrementally as required.
Transaction Monitoring — real-time and batch screening with configurable rule engines.
Alert Management — tiered alert queues with MLRO escalation and maker-checker controls.
Case Management — end-to-end investigation workflow from alert to regulatory report.
CDD Customer Onboarding — automated KYC/CDD workflows with document verification.
Watchlist Screening — multi-list sanctions and PEP screening with AI fuzzy matching.
Country Risk — FATF, GABAC, and regional country risk scoring with daily updates.
Crypto Investigation — blockchain analytics and virtual asset transaction screening.
Nature & Purpose — customer relationship profiling for enhanced due diligence.
e-KYC — digital identity verification with biometric support.
Customer Portal — self-service compliance portal for shared service partners.
Dashboard — enterprise wide risk analysis for Senior Leadership reporting.
UBO Analysis — ultimate beneficial ownership mapping and verification.
Platform Overview: Unified AML/CFT Ecosystem
(3. Scope of Work & Technical Requirements)
Anqa provides a unified AML/CFT ecosystem consisting of interoperable modules that share data, workflow logic, audit controls, and case handling. The platform eliminates fragmentation by ensuring controls do not operate in isolation. Screening outcomes and onboarding risk signals feed directly into monitoring and investigation workflows, reducing manual reconciliation and improving decision consistency.
The platform covers the full compliance lifecycle, including customer onboarding and customer records, sanctions and watchlist screening, PEP screening, adverse media monitoring, transaction monitoring, geographic and country risk, crypto investigation support where relevant, and centralised case management for investigation, escalation, and governance.
The platform is engineered for high throughput, supporting institutions with high transaction volumes and large customer or counterparty screening requirements. It is suitable for regulated environments requiring clear audit trails, defensible decisions, and structured evidence retention.
Digital Onboarding and KYC Hub
The KYC Hub and Digital Onboarding capability creates and maintains a structured customer or counterparty record that functions as the compliance system of record. It supports both individual and entity onboarding, capturing identity data, organisational registration information, beneficial ownership and control details, expected activity and purpose-of-relationship information, and risk indicators aligned to a risk-based approach.
Onboarding is configurable so institutions can define required fields, evidence requirements, and workflow steps by customer or counterparty segment, product type, jurisdiction, or risk level. Conditional logic supports enhanced requirements where risk triggers occur, ensuring higher-risk relationships are subjected to additional verification and approval controls. The outcome is a consistent, reusable profile supporting ongoing screening, monitoring context, periodic review, and regulator-ready recordkeeping without re-collecting and re-validating the same data across multiple systems.
The KYC Hub integrates through APIs to support automated population of fields, validation checks, and downstream orchestration into screening and monitoring workflows.
Sanctions and Watchlist Screening
Sanctions Screening
Sanctions and watchlist screening is a core foundational control within the unified platform. Screening supports real-time and batch use cases, including onboarding screening, continuous screening, periodic rescreening, and event-driven rescreening. Baseline screening coverage includes major global sanctions sources and relevant local regulatory lists.
Institutions can maintain and screen against internal lists, including declined applicants, terminated customers, blocked counterparties, fraud intelligence lists, and other organisation-specific watchlists applied consistently across onboarding and ongoing monitoring.
The screening engine handles practical data-quality challenges such as alias usage, transliteration, spelling variants, incomplete identifying fields, and naming conventions. Matching is configurable, enabling institutions to tune thresholds and logic to balance risk sensitivity against false positive workload. Screening results carry full context into case workflows where required, including match rationale, supporting evidence, and structured dispositions, enabling consistent and regulator-ready outcomes.
Politically Exposed Person Screening
PEP screening identifies politically exposed individuals and relevant associated parties, supporting enhanced due diligence requirements and ongoing monitoring expectations. The control supports onboarding identification and ongoing monitoring, including periodic reassessment to account for status changes over time. PEP outcomes follow consistent workflows so enhanced due diligence steps are applied consistently, recorded clearly, and auditable. Where required, premium dataset integrations provide deeper PEP hierarchies and relationship depth.
Adverse Media Monitoring
Adverse media monitoring surfaces negative information relevant to financial crime risk and reputational exposure. It links media content to the correct entity through entity recognition, categorises the risk indicated, and routes outcomes into investigation workflows when thresholds are met. Where local or sector-specific coverage is important, monitoring expands to include regional outlets and niche publications. Outcomes are captured with evidence and traceability to support governance and regulator-facing explanation of decisions.
Transaction Monitoring
Transaction Monitoring detects suspicious behaviour across account activity, payments flows, and customer behaviour. The monitoring approach supports rules-based detection and adaptable patterns. Rules include threshold breaches, structuring, unusual velocity, rapid movement of funds, atypical corridors, unusual counterparties, deviations from expected activity, and typologies aligned to the institution’s risk profile.
The monitoring capability ingests transaction and account activity at scale and generates alerts with context, including relevant customer profile attributes, onboarding risk signals, screening outcomes, adverse media indicators, and prior alert history where applicable. This reduces low-quality alert volumes and the analyst burden created by alerts that lack meaningful context. Alerts flow into Case Management with traceability to the detection logic that triggered them.
Country and Geographic Risk
Country and geographic risk capability provides structured jurisdiction risk context applied across onboarding, screening, transaction monitoring, and investigations. Institutions define risk weightings, apply enhanced controls for higher-risk jurisdictions, and incorporate jurisdiction logic into detection scenarios and workflow requirements. This supports consistent decisioning for cross-border activity, correspondent exposure, higher-risk customer segments, and corridor-based typologies.
Country and Geographic Risk
Country and geographic risk capability provides structured jurisdiction risk context applied across onboarding, screening, transaction monitoring, and investigations. Institutions define risk weightings, apply enhanced controls for higher-risk jurisdictions, and incorporate jurisdiction logic into detection scenarios and workflow requirements. This supports consistent decisioning for cross-border activity, correspondent exposure, higher-risk customer segments, and corridor-based typologies.
Crypto Analysis
FreshPay Money Transfer wallet-based remittance termination services activity creates a practical requirement for credible crypto-related due diligence and investigation capability when crypto exposure intersects with clients, counterparties, fundraising sources, investor onboarding, cross-border flows, or reputational risk assessment. Anqa supports this requirement through an optional crypto investigation capability that can be activated when relevant, allowing compliance teams to incorporate crypto exposure into broader casework rather than managing it as a separate silo.
This capability is designed for investigative use cases: linking crypto-related risk indicators to known entities, supporting deeper analysis during enhanced due diligence, and strengthening evidence packages where suspicious activity escalations require clear documentation. The intent is not to “add crypto for marketing,” but to provide a controlled, auditable investigative capability that supports cross-border risk reality when virtual-asset exposure becomes part of the risk perimeter.
Crypto Analysis
FreshPay Money Transfer wallet-based remittance termination services activity creates a practical requirement for credible crypto-related due diligence and investigation capability when crypto exposure intersects with clients, counterparties, fundraising sources, investor onboarding, cross-border flows, or reputational risk assessment. Anqa supports this requirement through an optional crypto investigation capability that can be activated when relevant, allowing compliance teams to incorporate crypto exposure into broader casework rather than managing it as a separate silo.
This capability is designed for investigative use cases: linking crypto-related risk indicators to known entities, supporting deeper analysis during enhanced due diligence, and strengthening evidence packages where suspicious activity escalations require clear documentation. The intent is not to “add crypto for marketing,” but to provide a controlled, auditable investigative capability that supports cross-border risk reality when virtual-asset exposure becomes part of the risk perimeter.
Case Management and Investigation Operations
Case Management is the operational backbone for investigations, governance, and audit readiness. It receives inputs from onboarding flags, screening hits, adverse media events, transaction monitoring alerts, and referrals. Once a case is created, the workflow supports structured investigation steps, evidence capture, decision records, approvals, escalation to MLRO or compliance leadership, and complete audit logging.
The module provides end-to-end traceability, including why an alert triggered, what data was used at the time, what investigative actions were taken, what evidence was reviewed, and what decision was reached. Workload management is supported through queues, assignment and role-based access control, ageing and SLA management, and management reporting on volumes, outcomes, and operational performance.
Integration & Technical Architecture
Integration, Security, Data Sovereignty, and Performance
Anqa’s platform follows enterprise architecture principles suitable for regulated institutions. It is cloud-native on Azure and supports high throughput and low latency. Integration is provided through APIs, enabling connection to core banking systems, payment platforms, CRMs, data warehouses, onboarding channels, external registries, and third-party data providers. The platform supports interoperability alongside modular deployment.
Security and auditability are foundational. The platform provides comprehensive audit trails, structured evidence capture, and consistent access control aligned to regulated environments. Where data sovereignty or residency is required, the platform supports architectural patterns that enable local control over sensitive compliance data, with controlled integration layers and appropriate security boundaries.
The platform combines configurable rule-based detection with machine learning analytics to improve detection outcomes and reduce false positives across compliance workflows. Technical governance and roadmap discipline align to international standards relevant to banking and payments technology, including PCI DSS and ISO 20022.
Anqas technical architecture is built on a foundation of trust and technical excellence, strengthened through direct collaboration with Microsoft. This ensures the system is resilient, globally aligned, and sovereign by design.
Integration Architecture
Anqa is designed for rapid integration with existing banking and money transfer systems:
REST API with JSON payloads — standard integration compatible with any modern technology stack.
SOAP/XML support for legacy environments.
JMS/MQ/TCP/IP event-driven connectors for high-volume transaction processing.
Webhook support for real-time event notifications (new alerts, sanctions matches, case status changes) to Slack, Teams, or internal tools.
Batch API for bulk customer onboarding and re-screening operations.
goAML XML integration for CENAREF SAR/STR electronic filing.
CSV/Excel/XML import for legacy data migration and initial customer base loading.
Security & Infrastructure
Hosted on Microsoft Azure — enterprise-grade cloud infrastructure with global reliability.
ISO 27001 aligned security controls covering data protection, access management, and incident response. Anqa inherits Microsoft's internationally certified compliance portfolio, including ISO/IEC 27018 and ISO/IEC 27701.
SOC 2 aligned operational controls for availability, confidentiality, and processing integrity.
Data residency options available — data can be stored within specified geographic boundaries.
End-to-end encryption in transit (TLS 1.3) and at rest (AES-256) with HSM-backed keys for tenant isolation.
Role-based access control (RBAC) with granular permission management enforcing least-privilege and segregation of duties.
Comprehensive security logging and SIEM integration capability.
Immutable, tamper-proof audit logs stored in WORM format.
Data & Privacy
GDPR-aligned data handling principles applicable to EU-correspondent data flows.
Data retention policies configurable to meet BCC and CENAREF requirements.
Support for data subject rights (access, correction, deletion, portability) within regulatory retention limits.
Data processing agreements (DPA) available for all customer contracts.
Commercial Partnership
Anqa's Ongoing Monitoring Proposal for FreshPay Money Transfer
This pricing schedule forms part of Anqa Compliance's formal proposal response to FreshPay Money Transfer SARL (FMT) RFP for AML/KYC/Sanctions Screening Solutions (BCC Licence No. 00198/MF/B), issued 24 February 2026. All pricing is in USD and excludes DRC VAT (16%) unless otherwise stated. Estimates are based on FMT's stated transaction projections and Anqa's recommended screening methodology. Actual invoices reflect units consumed.
Section A — Pricing Tiers & Volume Structure
Anqa operates a consumption-based, pay-as-you-go pricing model with no minimum monthly commitments and no lock-in. FreshPay is billed at the applicable tier rate for actual units consumed. Tier assignment is determined by actual monthly transaction volume. Rates reduce progressively as volume grows, reflecting Anqa's commitment to scaling favourably with FMT's growth trajectory.
| FM-1 Seed | FM-2 Growth | FM-3 Scale | |
|---|---|---|---|
| Monthly Transaction Volume | Up to 100,000 | 100,001 – 300,000 | 300,001 – 500,000 |
| Minimum Monthly Commitment | None — pay only for what you use | ||
| Billing | Actual usage | Actual usage | Actual usage |
| FMT Year 1 projected volume | — | 152,000–250,000 tx/mo | 300,000–400,000 tx/mo (Year 2) |
Section A.1 — Per-Transaction & Per-Screening Costs
Module 1 — Watchlist Screening: Sanctions & PEPs
Real-time screening against 3,500+ global, regional, and DRC-specific sanctions and PEPs databases. Coverage includes OFAC SDN, UN Consolidated List, EU Sanctions, UK HM Treasury, DFAT Australia, African Union, SADC, ECCAS, GABAC member lists, and DRC-specific BCC/CENAREF lists — all updated daily. PEP database covers 2 million+ profiles across 200+ countries. AI-powered fuzzy matching handles alias usage, transliteration, spelling variants, and incomplete identifying fields. Screening is applied at onboarding and at every transaction for the sender party.
Dual-party screening (sender + beneficiary per transaction) is available and can be configured on request. Where dual-party screening is activated, each transaction consumes two screen units. Anqa recommends a risk-based approach: mandatory dual-party screening for cash pickup transactions (higher value, higher risk) and sender-only for wallet micro-remittances, with beneficiary screening applied on EDD trigger. This approach satisfies FATF Recommendation 16 requirements for wire transfers while managing cost proportionately.
| Tier | Monthly Screens (est.) | Rate per Screen | Est. Monthly Cost |
|---|---|---|---|
| FM-1 | ~54,000 | $0.080 | $4,320 |
| FM-2 | ~164,160 | $0.020 | $3,283 |
| FM-3 | ~324,000 | $0.015 | $4,860 |
Screen volume = monthly transactions × 1.08 buffer. FM-2 estimate based on 152,000 transactions/month. FM-3 estimate based on 300,000 transactions/month.
Module 2 — Transaction Monitoring (Real-Time, Continuous)
AML rules engine applied continuously to 100% of transactions at point of transfer in real-time. Supports configurable rule sets and thresholds, automatic blocking/hold for sanctions matches, alert generation for suspicious activity patterns, structuring detection, velocity monitoring, corridor risk, and typologies aligned to DRC/GABAC requirements. Alert context includes customer profile, onboarding risk signals, prior screening outcomes, and alert history to minimise false positive workload.
| Tier | Monthly Transactions (est.) | Rate per Transaction | Est. Monthly Cost |
|---|---|---|---|
| FM-1 | ~50,000 | $0.030 | $1,500 |
| FM-2 | ~152,000 | $0.027 | $4,104 |
| FM-3 | ~300,000 | $0.022 | $6,600 |
Module 3 — Adverse Media Screening
AI-powered reputational risk detection across 50,000+ credible global and regional news sources. Applies entity recognition, risk categorisation, and routes outcomes into case management when thresholds are met. See Section B.3 for the recommended risk-stratified screening methodology.
| Tier | Monthly Searches (est.) | Rate per Search | Est. Monthly Cost |
|---|---|---|---|
| FM-1 | ~750 | $0.20 | $150 |
| FM-2 | ~2,318 | $0.10 | $232 |
| FM-3 | ~4,575 | $0.10 | $458 |
Module 4 — eKYC Digital Onboarding
Remote identity verification with biometric liveness detection, document verification, and risk scoring (Low / Medium / High). API response time <500ms. Supports individual and entity onboarding. Re-KYC triggered on regulatory directive or significant customer profile change.
| Tier | Monthly Units (est.) | Rate per Unit | Est. Monthly Cost |
|---|---|---|---|
| FM-1 | ~810 | $0.19 | $154 |
| FM-2 | ~2,462 | $0.16 | $394 |
| FM-3 | ~4,860 | $0.16 | $778 |
Batch Re-Screening — Existing Customer Database
Anqa supports full batch re-screening of the existing customer database against updated sanctions and PEP lists. Batch re-screening is charged at the applicable tier watchlist rate per screen. For ongoing daily monitoring, Anqa's automated watchlist delta monitoring (C.1) detects list changes and triggers targeted re-screens automatically — this is included at no additional charge and satisfies the daily re-screening requirement for the majority of the customer base efficiently.
Where a full periodic batch re-screen is required (e.g. annual regulatory sweep or post-merger), the following rates apply:
| Customer Base Size | Applicable Rate | Cost per Full Sweep | Quarterly (÷3/mo) |
|---|---|---|---|
| Up to 50,000 customers | FM-2: $0.020 | $1,000 | ~$333/mo |
| Up to 100,000 customers | FM-2: $0.020 | $2,000 | ~$667/mo |
| Up to 200,000 customers | FM-2: $0.020 | $4,000 | ~$1,333/mo |
Estimated Monthly Total — All Modules
The table below brings together all four modules at representative transaction volumes based on FMT's stated projections. Estimates assume: avg. $60 transfer value; 1.5% monthly new customer growth rate; 8% screening buffer; recommended adverse media methodology. Actual invoices reflect units consumed.
| Module | FM-1 (~50K tx/mo) | FM-2 (~152K tx/mo) | FM-3 (~300K tx/mo) |
|---|---|---|---|
| Watchlist Screening (S&P) | $4,320 | $3,283 | $4,860 |
| Transaction Monitoring | $1,500 | $4,104 | $6,600 |
| Adverse Media Screening | $150 | $232 | $458 |
| eKYC Digital Onboarding | $154 | $394 | $778 |
| Pre-VAT Total | $6,124 | $8,013 | $12,696 |
| DRC VAT (16%) | $980 | $1,282 | $2,031 |
| Total incl. VAT | $7,104 | $9,295 | $14,727 |
Section A.2 — Platform & Subscription Fees
Anqa operates a pure consumption-based commercial model. There are no separate platform access fees, subscription fees, or dashboard fees. All platform capabilities — including the compliance dashboard, case management console, alert management, audit logs, and reporting module — are included within the per-unit pricing above.
| Fee Type | Amount | Notes |
|---|---|---|
| Monthly platform access fee | None | No separate platform fee — included in unit pricing |
| Dashboard & reporting module | Included | Alert console, volume dashboard, audit log, case management |
| Minimum monthly commitment | None | Pay only for units consumed |
| Annual subscription | N/A | Monthly billing in arrears |
Section A.3 — Implementation & Setup
All standard implementation, integration, and training costs are included in the monthly service fee. There are no one-time setup charges for standard deployments. Anqa's target go-live is within 3 weeks of contract execution.
| Item | Fee | Notes |
|---|---|---|
| API integration & setup | Included | REST/JSON; SOAP/XML for legacy; webhook support; sandbox environment |
| Technical onboarding & configuration | Included | DRC/GABAC rule sets, watchlist feeds, user roles & permissions pre-configured |
| Compliance team training | Included | Remote sessions covering platform navigation, alert management, SAR preparation |
| Sandbox / test environment | Included | Full test environment with API documentation (Python, Node.js, PHP examples) |
| goAML XML integration (CENAREF) | Included | SAR/STR electronic filing format pre-configured |
| Post go-live optimisation review | Included | Alert volume analysis, threshold calibration, first CENAREF report review |
| Bespoke customisation / configuration | By quotation | Custom integrations or non-standard configurations scoped separately |
Section A.4 — Additional Services
| Service | Fee | Notes |
|---|---|---|
| EDD trigger & intelligence package (P-CDD / RCA) | Included | Automated behavioural triggers; complete intelligence package on flag |
| Adverse media monitoring | Module 3 | Priced separately as Module 3 above — not bundled into base package |
| UBO analysis | Included | Ultimate beneficial ownership mapping and verification |
| Country risk scoring | Included | FATF, GABAC, regional country risk with daily updates |
| Manual EDD investigation support | By quotation | Per-case engagement; SoW/SoF forensic support scoped on referral |
| Standard report generation | Included | PDF, CSV, Excel export; BCC and CENAREF audit-ready formats |
| Custom report development | By quotation | Bespoke report formats outside standard suite |
| Dedicated account manager | Included | Named manager assigned at contract start; GMT+1/WAT business hours |
| Direct CTO access (technical integration) | Included | Joel Barasa, CTO, available for API integration and security alignment |
| Regulatory change advisory | Included | DRC / FATF / GABAC monitoring; proactive alerts on regulatory changes |
| Crypto investigation capability | Optional add-on | Activated on request; blockchain analytics for cross-border exposure |
Section A.5 — Payment Terms & Commercial Conditions
| Billing cycle | Monthly in arrears |
| Payment terms | Net 30 days from invoice date |
| Accepted payment methods | International wire transfer (USD preferred); ACH available on request |
| Currency | USD (EUR available on request) |
| VAT | 16% DRC VAT applied to all invoices |
| Minimum contract term | 12 months |
| Renewal | Automatic annual renewal unless either party gives 60 days' written notice prior to renewal date |
| Annual price review | Rates fixed for the initial contract term; reviewed at renewal |
| Pricing validity | Proposal pricing valid for 90 days from submission date (17 March 2026) |
| Disputed invoices | Must be raised in writing within 7 days of invoice date |
| Service suspension | May be triggered on payment 30+ days overdue; Anqa will provide written notice before any service action |
| Data residency | DRC/Regional — included in pricing; configurable to meet BCC and CENAREF requirements |
| Uptime SLA | 99.5% minimum; response time <500ms per API call |
| Support | Email and chat; GMT+1/WAT business hours; escalation path for critical issues; knowledge base and self-service documentation |
| Governing law | Democratic Republic of Congo |
Section A.6 — Volume Discounts & Growth Trajectory
Anqa's tier structure is designed to reward volume with progressively lower per-unit rates. The table below maps FMT's stated growth projections directly to Anqa pricing, demonstrating how cost scales favourably as transaction volume grows.
| Period | FMT Projected Volume | Tier | Watchlist Rate | TM Rate | Pre-VAT / mo | Incl. VAT / mo |
|---|---|---|---|---|---|---|
| Months 1–3 | ~152,000 | FM-2 Growth | $0.020 | $0.027 | $8,013 | $9,295 |
| Months 4–12 | 180,000–250,000 | FM-2 Growth | $0.020 | $0.027 | $9,500–$13,000 | $11,020–$15,080 |
| Year 2 | 300,000–400,000 | FM-3 Scale | $0.015 | $0.022 | $12,696–$16,927 | $14,727–$19,635 |
Section B — Screening Methodology & Volume Allocations
The methodology below is designed to provide FMT with comprehensive, demonstrable AML/CFT coverage as a DRC-licensed MTO under FATF Recommendations 10 (CDD), 12 (PEPs), 16 (Wire Transfers), and 20 (Suspicious Transaction Reporting); DRC Banque Centrale du Congo (BCC) AML/CFT directives; CENAREF reporting requirements; GABAC member obligations; and Enhanced Due Diligence requirements applicable to FATF Grey List jurisdictions.
Important Notice — Compliance Responsibility
Anqa Compliance is a technology service provider. The screening methodology set out in this section reflects current best practice for an MTO operating in a DRC FATF Grey List environment and is provided in good faith as a recommended operating framework. Compliance with applicable regulatory obligations remains solely FreshPay's responsibility. FreshPay should obtain independent legal and compliance counsel to confirm that this methodology satisfies all specific regulatory obligations applicable to its BCC licence, CENAREF reporting obligations, and GABAC membership requirements. Anqa does not assume liability for regulatory outcomes arising from FreshPay's compliance programme.
B.1 — Transaction Monitoring: Continuous, Real-Time
| Parameter | Specification |
|---|---|
| Frequency | Continuous — every transaction at point of transfer, in real-time |
| Coverage | 100% of all outbound and inbound transfers — no batching, sampling, or deferral |
| Response time | <500ms per API call |
| Volume basis | 1 TM unit per transaction processed |
| Tier allocations | FM-1: up to 108,000 tx/mo · FM-2: up to 324,000 tx/mo · FM-3: up to 540,000 tx/mo |
| Rule library | 500+ pre-configured rules including threshold breaches, structuring, velocity anomalies, rapid fund movement, atypical corridors, and GABAC-specific typologies |
| Blocking | Automatic block/hold on confirmed sanctions match; configurable for other alert types |
B.2 — Watchlist Screening: Events & Allocation
| Event | Action | Screens Consumed |
|---|---|---|
| New customer onboarding | Full S&P screen per applicant — sanctions, PEPs, internal lists | 1 |
| Each transaction (sender) | S&P screen of sender at point of transfer, real-time | 1 |
| Each transaction (beneficiary) | Available on request — risk-based activation recommended | 1 (if activated) |
| Watchlist delta alert (C.1) | Automated — triggered by confirmed list change; targeted screens only | 0–N (event-driven) |
| Periodic full-base re-screen | Scheduled batch at applicable tier rate — see batch pricing above | 1 per customer |
| Tier | Transactions | Buffer + New Customers | Total Allocated Screens |
|---|---|---|---|
| FM-1 | 50,000 | +4,000 + ~750 | ~54,750 |
| FM-2 | 152,000 | +12,160 + ~2,280 | ~166,440 |
| FM-3 | 300,000 | +24,000 + ~3,000 | ~327,000 |
B.3 — Adverse Media: A Proportionate, Risk-Based Approach
Scheduled Adverse Media: A Cost-Effective Recommendation
Advisory note from the Anqa compliance team
Anqa's platform supports continuous adverse media monitoring. However, for a money transfer operator handling high-volume micro-remittances, we respectfully recommend a scheduled, risk-stratified approach. Continuous scanning generates high alert volumes that can consume compliance team bandwidth without proportionate risk reduction — and at 152,000+ transactions per month, the cost impact of continuous screening would significantly exceed FMT's budget parameters.
Our recommended approach stratifies screening frequency by customer risk rating, satisfying ongoing monitoring obligations under FATF Recommendation 10 while managing cost and operational workload effectively:
| Event | Risk Cohort | Action | Frequency |
|---|---|---|---|
| New customer onboarding | All | 1 AM search per new customer | At onboarding |
| P-CDD EDD trigger | Any | Immediate AM search on behavioural or risk flag | Real-time |
| Scheduled re-screen | High-risk / PEPs | Automated scheduled batch | Monthly / quarterly |
| Scheduled re-screen | Medium-risk | Automated scheduled batch | Quarterly / bi-annually |
| Periodic re-screen | Standard-risk | Not required under this methodology | — |
B.4 — eKYC Onboarding
| Event | Action | Units |
|---|---|---|
| New customer onboarding | Biometric identity verification + liveness detection + document verification + risk scoring | 1 |
| Re-KYC (regulatory trigger) | On regulatory directive or material customer profile change | 1 |
| Periodic re-KYC (standard-risk) | Not required under this methodology | 0 |
Section C — Ongoing Monitoring Programme
The following capabilities are included at no additional charge and address FMT's ongoing monitoring requirements under Section 3.1C of the RFP.
Daily Watchlist Delta Monitoring
Automated screening triggered by confirmed changes to sanctions and PEPs watchlists — every 24 hours. Targeted re-screens only affect customers matched to list changes, providing continuous effective coverage without consuming full-sweep screen volume. Satisfies the daily re-screening requirement efficiently.
Automated Watchlist Alert Cases
When a delta event or transaction triggers a watchlist match, the platform automatically creates a structured case in the alert console with a complete intelligence package — match rationale, supporting evidence, customer profile — ready for investigator review and disposition.
Risk-Based EDD Triggers (P-CDD / RCA)
Perpetual Customer Due Diligence engine continuously monitors behavioural patterns, country flow dynamics, geographic risk signals, and cross-database intelligence. Real-Time Critical Alerting notifies your team automatically when risk thresholds are crossed, with a complete intelligence package for investigators.
Scheduled Adverse Media (Recommended)
Risk-stratified scheduled screening configured per customer cohort. Maximises compliance coverage, eliminates alert noise, and controls cost. The most operationally sustainable model for a high-volume MTO in a FATF Grey List environment.
Perpetual Customer Due Diligence (P-CDD) & Real-Time Critical Alerting (RCA) — Included
P-CDD is a core platform differentiator that goes well beyond standard sanctions list polling. Anqa's engine draws intelligence continuously from across FMT's customer data and the Anqa intelligence ecosystem — including Country Risk Analysis, corridor-level behavioural baselines, and cross-database risk signals. This means risk profile changes are detected automatically, before a transaction is flagged or a compliance team member notices a pattern.
When a customer's risk profile changes — a new high-risk corridor opening, unusual transaction velocity, a location shift, or a watchlist status change — Real-Time Critical Alerting assembles a complete intelligence package for your investigators before the case is even opened. Your compliance team focuses on genuine risk, not triage.
Section D — Compliance Coverage Statement
The methodology in Sections B and C is designed to provide FMT with demonstrable coverage across its AML/CFT obligations as a DRC-licensed MTO supervised by BCC, reporting to CENAREF, and subject to GABAC and FATF standards.
Section E — Commercial Terms & Legal Conditions
| Billing cycle | Monthly in arrears |
| Payment terms | Net 30 days from invoice date |
| Accepted payment methods | International wire transfer (USD); ACH available on request |
| Currency | USD (EUR available on request) |
| VAT | 16% DRC VAT applied to all invoices |
| Contract term | 12 months minimum; automatic annual renewal with 60 days' written notice to terminate |
| Pricing validity | 90 days from proposal submission (17 March 2026) |
| Rates during term | Fixed for initial 12-month term; reviewed at renewal |
| Disputed invoices | Must be raised in writing within 7 days of invoice date |
| Service suspension | May be triggered on payment 30+ days overdue; written notice provided before any action |
| Data residency | DRC/Regional; configurable to BCC and CENAREF requirements |
| Governing law | Democratic Republic of Congo |
| Uptime SLA | 99.5% minimum |
| API performance | <500ms per screening request; minimum 100 requests/minute sustained |
| Scalability | Platform capacity: 500M+ transactions/day; FMT Year 2 volume represents <0.01% of capacity |
Pricing Disclaimers & Client Responsibilities
(a) Consumption-based billing. All pricing is consumption-based. Monthly invoices reflect actual units consumed across all modules. Estimates in this document are based on FMT's stated transaction projections and Anqa's recommended screening methodology and are provided for indicative purposes only.
(b) Methodology adherence. Estimated costs assume FMT operates within the screening methodology described in Section B. Deviations — including increased screening frequency, activation of dual-party screening, ad hoc bulk re-screens, or additional module activation — will result in additional charges at the applicable tier rate. FreshPay should contact Anqa before making changes to the screening methodology.
(c) Technology provider limitation. Anqa Compliance is a technology service provider and does not provide legal, regulatory, or compliance advisory services. The methodology in Section B reflects current best practice and is provided in good faith. FreshPay must obtain independent legal and compliance counsel to confirm this methodology satisfies all obligations applicable to its BCC licence, CENAREF reporting requirements, and GABAC membership.
(d) Transaction Monitoring continuity. Transaction Monitoring is a continuous service. Any period during which FreshPay processes transactions without active TM coverage may constitute a regulatory breach. Anqa is required to report such events to relevant authorities where required by applicable law.
(e) Volume reporting. FreshPay will receive automated alerts at 80% and 95% of tier capacity each month, plus a monthly volume dashboard showing screens consumed, remaining capacity, and projected end-of-month spend. FreshPay is responsible for monitoring its usage and contacting Anqa if volume is expected to exceed the current tier.
(f) Tier escalation. If FreshPay's monthly transaction volume exceeds the current tier cap for two consecutive months, Anqa will provide 10 days' written notice and move FreshPay to the next tier effective the following billing period. No penalty rates apply. If volume exceeds FM-3 (500,000 transactions/month), a custom enterprise rate must be negotiated; Anqa will not suspend service during good-faith commercial discussions.
(g) Proposal supersession. This rate card supersedes all prior verbal or written quotations. Execution of a Service Agreement incorporating this rate card constitutes acceptance of all terms herein.
Global & Enterprise Case Studies
Anqa's leadership team has direct, demonstrable experience delivering compliance technology and fintech infrastructure in environments directly relevant to FreshPay Money Transfer's requirements. The following case studies illustrate our practical capability.
ANZ Banking Group (New Zealand): CEO Daniel Rogers held senior AML roles, implementing New Zealand's AML Act into one of the world's largest transaction banks. Successfully validated by regulators, demonstrating capability under FATF-equivalent scrutiny.
ICBC Bank New Zealand: Managed AML compliance for international remittance flows, integrating Asian financial flows into Australasian regulatory frameworks. Directly relevant to cross-border remittance AML typologies.
NZ Ministry of Justice – AML Advisory: CEO Daniel Rogers provided expert AML advisory services to the New Zealand Ministry of Justice during the development of the country's AML/CFT regulatory framework. This engagement involved translating FATF recommendations into practical regulatory requirements and advising on supervisory expectations.
Bloomberg / Government Banking Clients (US Consulate, British High Commission): Supported government and institutional clients requiring the highest grade of security and compliance, deploying transaction and reporting systems under regulator-sensitive oversight.
African Market Case Studies
East African Fintech Platform — Instacash (114,000+ Users): COO Michael Osimbo led the operational delivery of a 114,000+ user financial services platform in East Africa. Challenges addressed included real-time identity verification at scale, AML transaction monitoring for high-frequency mobile money transactions, and regulatory reporting under POCAMLA. Outcomes included zero regulatory sanctions during the review period. Michael delivered production integrations with Kenya's Integrated Population Registration System (IPRS) and eCitizen platform. This demonstrates technical capability to integrate with government identity databases — directly applicable to DRC identity verification requirements — and experience navigating government system API access in African jurisdictions.
Anqa’s CTO, Joel Barasa, operates at a high level of maturity (TOGAF-aligned). His experience with KCB Group and NCBA Group (two of East Africa's banking giants) shows he can handle "high-velocity" environments where millions of transactions and regulatory compliance (PCI DSS, ISO 20022) are non-negotiable. He is an expert in the "plumbing" of global finance—integrating with Visa, Mastercard, and T24 Core Banking. He has built systems for digital card issuance and cross-border remittances.
Anqa — backed by its CEO's global expertise (including direct regulatory advisory experience), Nairobi-based CTO/COO leadership, Microsoft's validation, and a track record of successful African deployments — is uniquely positioned to deliver a regulator-approved, sector-trusted solution for FreshPay Money Transfer.
Implementation Methodology: Discovery and Delivery Approach
Anqa's approach is structured to reduce implementation risk, respect FreshPay Money Transfer's operational realities, and deliver a regulator-ready outcome,
Phase 1: Technical & Operational Discovery
Anqa conducts a focused discovery phase to map FreshPay Money Transfer's unique environment. This is a collaborative deep-dive to architect the right solution from the start.
Systems Architecture Review: We map FreshPay Money Transfer's existing technology landscape, including core transaction processing systems, customer onboarding channels, data sources, and transaction feed formats.
Compliance Workflow Analysis: Our team documents FreshPay Money Transfer's current compliance operations—how alerts are reviewed, how cases are investigated, how SARs are filed, and how the MLRO oversees the process.
Data & Integration Planning: We align on API connectivity, security controls, access governance, and integration patterns tailored to FreshPay Money Transfer's technical stack.
Regulatory Framework Calibration: We review FreshPay Money Transfer's specific obligations under BCC regulations, CENAREF reporting requirements, and GABAC guidance to ensure the platform's rule sets, typologies, and reporting templates are pre-configured correctly before go-live.
Outcome: A clear, documented integration architecture and implementation plan, signed off by FreshPay Money Transfer's technical and compliance leads, with zero ambiguity on responsibilities or timelines.
Implementation Methodology: Discovery and Delivery Approach
Phase 2: Structured Delivery & Agile Implementation
ANQA delivers through a structured, phased methodology designed to embed quality and reduce risk at every stage.
Scope & Requirements Definition: We formalise the outcomes of Discovery into a detailed scope document. This captures policy requirements (e.g., what constitutes a suspicious transaction), workflow requirements (maker-checker, MLRO escalation), data requirements (what customer fields must be screened), and governance controls (audit log retention, reporting schedules).
Agile Build & Configuration: Working in iterative sprints, our engineers configure the Anqa platform for FreshPay Money Transfer. This includes:
Establishing API connections to FreshPay Money Transfer's transaction systems.
Configuring DRC/GABAC-specific rule sets and typologies.
Setting up watchlists and sanctions feeds.
Configuring user roles, permissions, and dashboards for the FreshPay Money Transfer team.
Integration Testing & Validation: We validate that:
Controls and alerts trigger correctly against test scenarios and known typologies.
Data flows securely and with sub-200ms latency.
Reports generate in the correct formats (XML, CSV, PDF) with complete data.
FreshPay Money Transfer's technical team gains hands-on confidence in the integration.
Go-Live Readiness & Deployment: Go-live is treated as a controlled event. We confirm:
Operational Readiness: FreshPay Money Transfer's compliance users are trained (via the Phase 4 UAT & Training activities in the main timeline) on platform navigation, alert management, investigation workflows, and SAR preparation.
Process Readiness: FreshPay Money Transfer's internal investigation processes, escalation pathways, and reporting cycles are aligned with the platform's capabilities.
Technical Readiness: All production credentials are active, and a rollback plan is in place. ANQA support staff are on standby.
Post-Implementation Review & Optimisation: Following go-live, Anqa conducts a formal review. We analyse initial alert volumes, fine-tune threshold calibration to optimise the balance between detection and false positives, and review the first regulatory reports to ensure they meet CENAREF expectations. This transitions seamlessly into our ongoing support and account management model.
Implementation Methodology: Discovery and Delivery Approach
This structured approach ensures that ANQA is not simply installed at FreshPay Money Transfer, but is operationally embedded—delivering a compliance function that is efficient, auditable, and ready to withstand the scrutiny of regulators and correspondent banking partners
Anqa begins engagements with technical discovery to ensure integration into an institution’s existing environment is secure, operationally practical, and implementation-ready. Discovery covers existing systems, data sources, onboarding channels, transaction feeds, and current compliance workflows, followed by architecture alignment on API connectivity, security controls, access governance, and integration patterns
Anqa delivers through a structured methodology designed to reduce implementation risk and support regulator-ready outcomes. Delivery is phased and includes scope definition, documentation and requirements capture, Agile build and testing, go-live readiness and deployment, and post-implementation review.
The approach ensures policy requirements, workflow requirements, data requirements, and governance controls are documented clearly; integrations are designed and tested in alignment with operational realities; controls and alerts are validated against typologies and expected behaviours; and go-live includes operational readiness across user roles, investigation processes, escalation pathways, and reporting.