ERAM · Compliance · KYC & CDD

KYC & CDD Policy.

How ERAM Real Estate identifies, verifies and understands its investors and customers, in line with Kosovo AML law and EU best practice.

Effective date: 1 May 2026 · Last updated: 12 May 2026 · Owner: Money Laundering Reporting Officer (MLRO) · Review cycle: Annual

1. Purpose

This Know Your Customer (KYC) and Customer Due Diligence (CDD) policy sets out the standards and procedures by which ERAM Real Estate Sh.P.K. identifies, verifies and understands its investors and customers, in compliance with the Kosovo Law on the Prevention of Money Laundering and Combating Terrorist Financing and aligned with EU best practice.

2. When CDD is required

ERAM applies CDD measures:

  • Before establishing a business relationship with a prospective investor on the ERAM Investors Portal;
  • Before entering into a unit-sale or commercial lease contract that meets or exceeds the threshold specified by Kosovo AML law;
  • Whenever there is a suspicion of money laundering, terrorist financing, sanctions evasion, or other financial crime, regardless of any threshold;
  • Whenever there are doubts about the accuracy or adequacy of previously obtained identification data;
  • On an ongoing basis throughout the business relationship, with periodic refresh according to the customer's risk rating.

3. Information collected — individuals

  • Full legal name (including any prior names);
  • Date and place of birth;
  • Nationality (and dual nationalities if applicable);
  • Government identification document (passport or national ID) including identification number and expiry date;
  • Residential address and proof of address (issued within the previous three months);
  • Tax residence and tax identification number where applicable;
  • Contact details (email, telephone);
  • Occupation and employer;
  • Source of funds for the investment or purchase;
  • Source of wealth, particularly for higher-value or higher-risk relationships;
  • Politically Exposed Person declaration.

4. Information collected — legal entities

  • Full registered name and any trading names;
  • Country of incorporation and registration number;
  • Registered office address and principal place of business;
  • Legal form and constitutional documents;
  • List of directors and authorised signatories with their personal identification;
  • Beneficial ownership structure — every natural person holding more than 25% of capital or voting rights, or otherwise exercising control;
  • Nature of business, regulatory status if applicable;
  • Source of funds and source of wealth of the entity and its beneficial owners.

5. Verification of identity

Identity is verified through reliable, independent sources. For remote onboarding via the ERAM Investors Portal, verification is performed by a regulated KYC service provider, including liveness biometric check and document-authenticity verification.

Where remote verification is not available or appropriate, in-person verification by ERAM staff against original documents is performed and recorded.

6. Beneficial ownership

For every legal-entity customer, ERAM identifies and verifies every natural-person beneficial owner. Where the ownership chain involves multiple layers, each layer is mapped until natural persons are reached. Where no natural person is identified as holding more than 25% of capital or voting rights, the natural person(s) holding senior management positions are identified as beneficial owners and the rationale is documented.

7. Risk classification and review frequency

Every customer is assigned a low, medium or high risk rating at onboarding. Risk drivers include customer type, geography, political exposure, complexity of structure, transaction profile, source of funds, and adverse-media outcomes. Risk rating drives the depth of CDD applied and the frequency of CDD refresh:

  • Low risk: simplified CDD where permitted by law; refresh every 36 months.
  • Medium risk: standard CDD; refresh every 24 months.
  • High risk: enhanced CDD; senior-management approval required; refresh every 12 months.

8. Refusal and termination

Where CDD cannot be completed satisfactorily, the business relationship will not be established. Where CDD cannot be maintained satisfactorily during the relationship — for example, where information cannot be refreshed or there is unresolved suspicion — the relationship will be terminated in accordance with applicable law, and a SAR will be considered.

9. Confidentiality and data protection

Personal data collected under this policy is processed in accordance with ERAM's Privacy Policy, the Investor Data & GDPR Statement, and the Kosovo Law on Personal Data Protection.

Contact

Questions regarding this policy, or to report a concern: [email protected]. Confidential reports may also be made via our Whistleblowing channel.

ERAM Real Estate Sh.P.K. · Business no. (NUI) 812052025 · Registered 13/06/2023 · Rruga Agim Ramadani, Nr. 2, 10000 Prishtina, Kosovo