Platform Agreement

Financial Crimes Compliance Statement

Revised October 1, 2023

Brex recognizes that financial crimes have a devastating impact on individuals and the communities within which they live. Financial Crime threatens the safety and stability of the United States and countries around the world.

Therefore, Brex is committed to conducting business in accordance with the highest ethical standards and in full compliance with all financial crime laws and regulations that apply to our business in order to:

  • Protect our customers, business partners and platform; and
  • Support law enforcement in the prevention of financial crime.

As part of our enterprise risk governance framework, Brex manages financial crime risk using a three lines of defense model that is designed to establish independence and multiple levels of risk control.

Brex develops and implements risk-based financial crimes compliance policies and programs that:

  • Facilitate compliance with applicable financial crime laws and regulations promulgated by the government of the United States;
  • Promote strong governance and risk management throughout Brex to properly manage and mitigate financial compliance risks;
  • Disseminate Brex’s financial crime-related guidance, standards, and expectations;
  • Support cooperation with regulatory and law enforcement authorities; and
  • Help Brex’s Employees conduct business in compliance with all applicable financial crime-related laws and regulations and provide services to Customers in conformity with Brex’s risk appetite.

Brex establishes risk-based policies and programs for the following key risk areas:

  • Anti-Money Laundering (including terrorist and proliferation financing);
  • Anti-Fraud;
  • Sanctions; and
  • Anti-Bribery and Corruption.

These policies and programs apply across all of Brex’s operations, Employees - including contractors and contingent workers - and in all locations within which Brex operates to protect Brex from being misused by criminals and those who support terrorism and the proliferation of weapons of mass destruction either in the U.S. or abroad.

For more information about Brex’s risk-based approach for financial crime risk management and compliance, please see the following appendices:

Appendix A - BSA/AML Statement (US)

Appendix B - Anti-Financial Fraud Statement (US)

Appendix C - OFAC / Sanctions Statement (US)

Appendix D - Anti-Bribery & Corruption Statement (US)

Appendix A - BSA/AML Statement (US)

Brex recognizes that money laundering, which includes terrorist financing and the proliferation of weapons of mass destruction, threatens the safety and stability of the United States and the global community.

Therefore, Brex is committed to complying with all applicable U.S. laws and regulations designed to combat money laundering, including the Bank Secrecy Act (“BSA”), as amended by the U.S.A PATRIOT Act.

Accordingly, Brex adopts a risk-based BSA/AML Compliance Policy and Program that establishes Brex’s enterprise-wide standards to which all AML-related policies and implementing procedures must adhere.

Brex’s BSA/AML Compliance Policy and Program is based on Brex’s products, services, customer base and the geographic locations where it operates and conducts business. It is designed to enable Brex to fulfill its BSA/AML obligations, protect its reputation and assist in scaling its operations to business growth by defining the components of an effective BSA/AML compliance program:

  • Management commitment and support through a BSA/AML compliance governance framework;
  • Brex-wide, cross-functional partnerships and cooperation through a three lines of defense model;
  • BSA/AML risk assessment that drives decisions related to implementing the Policy and Program;
  • A risk-based Know Your Customer (“KYC”) Program for BSA/AML compliance;
  • A risk-based ongoing monitoring process identifying and reporting suspicious activity;
  • Independent review of the Policy and Program for BSA/AML compliance;
  • Procedures and processes for information sharing;
  • Recordkeeping and retention requirements that comply with the BSA;
  • BSA/AML training for appropriate Employees; and
  • Board designated Bank Secrecy Act Officer.

Appendix B - Anti-Financial Fraud Statement

Brex recognizes that financial fraud leads to financial losses, reputation damage and other long-term repercussions - for Brex and its Customers.

Brex takes all allegations of financial fraud seriously, without exception, and is committed to complying with all applicable U.S. laws and regulations designed to combat financial fraud.

As such, Brex implements risk-based internal safeguards to identify, detect, prevent, monitor and report possible financial fraud activity that occurs on its platform.

Brex establishes a risk-based Fraud Policy that is based on Brex’s products, services, Customer base and the geographic locations where it operates and conducts business. Brex’s Fraud Policy establishes a risk-based program for managing financial fraud risk in the following key risk areas:

  • Account fraud,
  • Account takeovers; and
  • Unauthorized transactions.

Appendix C - OFAC / Sanctions Statement (US)

Brex recognizes that sanctions violations threaten the national security of the United States and the safety of the global community.

As a global financial institution, Brex is committed to complying with applicable economic and trade sanctions related programs and regulations in the jurisdictions within which we operate.

This includes, but is not limited to, economic and trade sanctions related programs and regulations developed by the U.S. Department of State and administered and enforced by the U.S. Department of Treasury’s Office of Foreign Assets Control (“OFAC”), Financial Crimes Enforcement Action (“FinCEN”), and the U.S. Department of Commerce’s Bureau of Industry & Security (“BIS”).

OFAC strongly encourages organizations subject to U.S. jurisdiction to employ a risk-based approach to sanctions compliance by developing, implementing, and routinely updating a sanctions compliance program.

Accordingly, Brex takes steps to mitigate potential risk associated with violations of sanctions laws and regulations - and the risk of conducting business with sanctioned parties and in sanctioned jurisdictions - by establishing a risk-based OFAC/Sanctions Compliance Policy and Program.

Brex’s OFAC/Sanctions Compliance Policy and Program establishes Brex’s enterprise-wide standards to which all sanctions-related procedures must adhere. It is based on Brex’s products, services, customer base and the geographic locations where it operates and conducts business. It is designed to enable Brex to fulfill its OFAC/sanctions obligations, protect its reputation and assist in scaling its operations to business growth by defining the components of an effective OFAC sanctions compliance program:

  • Management commitment and support through an OFAC sanctions governance framework;
  • Brex-wide, cross-functional partnerships and cooperation through a three lines of defense model;
  • OFAC sanctions risk assessment that drives decisions related to implementing the Policy and Program;
  • Risk-based internal controls for OFAC sanctions compliance;
  • Independent review of the Policy and Program for OFAC sanctions compliance; and
  • OFAC sanctions training for appropriate employees.

Appendix D - Anti-Bribery & Corruption Statement (US)

Brex recognizes that bribery and corruption threaten the integrity of democratic institutions and stability of the United States and global community.

Brex is committed to conducting all business in an honest and ethical manner and acting professionally, fairly, and with integrity in all our business dealings and relationships wherever we operate.

Brex takes a zero-tolerance approach to Bribery and Corruption and expects that its Employees and Agents to do the same.

Brex is committed to complying with all applicable laws relevant to countering Bribery and Corruption in all the jurisdictions in which it operates. Brex will remain bound by local and national laws as applicable, including the United States Foreign Corrupt Practices Act 1977 (“FCPA”), Brazilian Anti-Corruption Laws, the Israeli Penal Code (5737-1977), and the Canadian Criminal Code and the Corruption of Foreign Public Officials Act (the CFPOA). Although Brex does not currently operate in the United Kingdom, Brex has set internal policy standards in line with the United Kingdom Bribery Act 2010 (“UKBA”), which has been described as the toughest anti-corruption legislation in the world .