We are a Colombian multinational company created in 2007 by investors and visionaries from India. Sophos Solutions is a simplified stock company (S.A.S by its acronym in Spanish), offering Consulting, Core Banking Implementation, Testing Factory and Software Factory services primarily for financial and stock market companies. We are currently a company of Advent International.
At SOPHOS, we specialize in IT products and services for the financial sector, offering solutions for Banking Core, Digital Channels, Capital Markets, Risk, Comprehensive Information Management and Data Analysis.
Sophos has a presence in more than 12 countries of America, covering North America, Central America, and South America. Currently, we have offices in Colombia, Mexico, Panama, United States and Chile. We have more than 14 years of experience in IT solutions, always with partners specialized in different services and technologies. In order to gain greater access to national and international markets, the company establishes working relationships with specialized collaborators from all over the world, working remotely and other modes of operation such as NearShore (Latam remote work), OffShore (remote work in other continents), and Inside (customer work).
Considering the company’s growth, the Colombian parent company exercises direct control over each of its subsidiaries (Panama, Mexico, and Chile) and indirect control over its subsidiary (United States), the administrative structure is carried out in a centralized manner. However, for the proper and timely development of functions, powers are granted to natural or legal persons according to their needs.
SOPHOS SOLUTIONS S.A.S implements the Comprehensive Self-Control and Risk Management System of LA/FT/FPADM (hereinafter SAGRILAFT by its acronym in Spanish), with the aim of having policies, procedures, controls and all kinds of mechanisms aimed at protecting the company from being used by any means for money laundering, terrorist financing and the financing of the proliferation of weapons of mass destruction, considering that these actions represent a risk to the stability and integrity of the company.
The LA/FT/FPADM Comprehensive Risk Management and Self-Control System applies to all Sophos Solutions collaborators including the parent, subsidiaries and all related parties, interest groups, partners and business partners, understood as customers, strategic allies, business allies, contractors, consultants, subcontractors, domestic and international suppliers, advisors, representatives, intermediaries, investors, licensors, lessors and their analogy to the countries that operate the subsidiaries, in general to all those with whom any business or contractual relationship is established directly or indirectly.
It is applicable to all internal processes that demonstrate risk factors surrounding the applicability and regulation of money laundering, terrorist financing and the financing of the proliferation of weapons of mass destruction (LA/FT/FPADM by its acronym in Spanish).
The objective of this system is to prevent, detect and mitigate in a timely manner operations that may be used for money laundering, terrorist financing or the proliferation of weapons of mass destruction against Sophos Solutions and its subsidiaries.
For the purposes of this manual, all definitions are understood according to those established in Circular 100-000016 of December 24, 2020 of the Superintendencia de Sociedades of Colombia. In addition, the following definitions:
Unlawful activities: Conduct or activities that under an existing rule are unlawful, that is, against the law.
Close Associate: These are legal persons who have as administrators, shareholders, controllers, or managers Politically Exposed Persons, or who have constituted autonomous or fiduciary assets for the benefit of these, or with whom business relations are maintained.
Operation attempted or rejected: It is configured when the intention of a natural or legal person to carry out a suspicious operation is known, but it is not perfected because when attempting to carry it out it ceases or because the controls established or defined do not allow to carry it out. Only attempted or rejected operations that have the characteristics of a suspicious operation should be reported.
Non-Cooperating Countries and High-Risk Jurisdictions: This list refers to the list of jurisdictions that do not meet international standards for combating money laundering and terrorist financing, and the degree of political commitment of their authorities to address the identified deficiencies, as defined by the Financial Action Task Force (FATF).
PEP (Politically Exposed Persons): They may be public servants of any system of nomenclature and classification of jobs of the national and territorial public administration, when in the positions they occupy, they have in the functions of the area to which they belong or in those of the record of employment that they occupy, under their direct responsibility or by delegation, the general direction, of the formulation of institutional policies and of the adoption of plans, programs and projects, the direct management of assets, money or values of the State. These can be through spending management, public procurement, management of investment projects, payments, settlements, administration of movable and real estate. It also includes foreign PEPs and PEPs from international organizations.4
PEP (People exposed publicly): They are those who for their activities have national and/or international recognition. For example, prominent lawyers, senior executives, architects, athletes, celebrities, military and police forces, civil servants, judges, politicians, registrars and prominent religious.
Warning Signs: These are all the particular facts and circumstances surrounding the conduct of transactions specific to each third party with which the Company relates, from which it can be identified in a preventive manner if they are subject to careful and detailed study. We can classify operations into: Unusual and suspicious operations.