AML/KYC/CFT Policy

INTRODUCTION

This is the Anti-Money Laundering / Know Your Customer Policy (the "Policy") of Our company Service Group ("Our company").

Our company shall implement the Policy utilizing a risk-based approach. As a best practice, Our company shall document instances in which it deviates from initial requirements of the Policy and utilizes a risk-based approach.

Our company may utilize the resources of its affiliates ("Affiliates") or third parties in the implementation of the Policy. Our company shall enter into agreements with such Affiliates or third parties as may be necessary to ensure that the Policy is implemented properly and with reasonable care. Any references to Our company or its staff shall apply to Our Affiliates or third parties, or such Affiliates' or third parties' staff, to the extent elements of the Policy are performed by Affiliates or outsourced.

For the purposes of the Policy, the term "Customers" shall include such persons who are considered "customers" as such term is defined in the Notice.

DEFINITION OF TERMS

Money Laundering

Money Laundering is a process by which criminal proceeds are sanitized to disguise their illicit origins. Acquisitive criminals will attempt to distance themselves from their crimes by finding safe havens for their profits where they can avoid confiscation orders and to make them appear legitimate.

Money Laundering schemes range from very simple to highly sophisticated. Usually, they involve three stages:

Placement - the process of getting criminal money into the financial system,
Layering - the process of moving money in the financial system through complex webs of transactions, often via offshore companies
Integration - the process by which criminal money ultimately become absorbed into the economy

1.0 PRINCIPLES AND RESPONSIBILITIES

Our senior management has a zero-tolerance policy towards financial crime, money laundering, bribery, corruption, fraud and terrorist financing. Our company requires staff to be vigilant for signs of financial crime and to immediately report any suspicious activities/incidents to the Compliance Officer (the "Compliance Officer"), as appropriate.

Customer Due Diligence ("CDD") shall be conducted on each prospective Customer before providing a Service to such prospective Customer. Our company shall not share any anomalies of a CDD review with Customers (other than a statement notifying the prospective Customer that he/she has not satisfied Our onboarding requirements). In the event (i)

In general, CDD comprises the following activities:

Identifying the prospective Customer by obtaining certain information;
Verifying the identification information obtained; and Reviewing the earlier Customer transactions in the case of refresher CDD.
Our company takes the following measures to conduct CDD (parentheticals identifying parties responsible):

Gather CDD data from prospective Customers, including such additional information deemed appropriate after Our company has reviewed the Our company Review.
Collect internet protocol addresses from each Customer. Our company retains a record of each Customer's internet protocol address (Operations Manager);
Review the CDD data collected (Compliance Manager);
Conduct politically exposed person ("PEP") and sanctions screening checks (Appendix B), plus any additional detailed due diligence considered necessary; and
Based on the foregoing, approve or reject the prospective Customer's application to use Services, including documenting such approval/rejection. (General Manager)
Our company acknowledges that, while Our company may delegate certain tasks to third parties, ultimate responsibility for onboarding any Customer or the CDD measures taken shall remain the responsibility of Our company.

CDD records shall be maintained for a minimum of seven years after the later of (i) a Customer's onboarding or (ii) a rejection of a prospective Customer or Customer's application to use Services. Our company shall comply with applicable law regarding the storage and safe-keeping of CDD records.

2.0 CUSTOMER DUE DILIGENCE

2.1 Determination of Levels of CDD and Required Customer Information

In accordance with the Notice, Our company conducts CDD utilizing a risk-based approach. Our approach varies depending on the risk assessment of a prospective Customer; provided, however, that the application of an initial risk assessment constitutes a refutable presumption which may be overridden by the Risk Committee.

An initial risk assessment of a prospective Customer is conducted based on the nationality and jurisdiction of residence of the prospective Customer. Appendix A hereto sets out Our jurisdiction risk assessment. Thereafter, the Customer's transaction activities shall determine the ongoing statistical risk which will go along with the initial risk assessment to complete an overview of the Customer's risk assessment.

In all cases, Our company will obtain the information (the "Basic Information") set forth in Appendix C hereto. In addition to the Basic Information, Our company may collect such other information as it may deem appropriate.

Prospective Customers shall submit the Basic Information to Our company via its website. The Basic Information will first be reviewed by the Marketing Manager (the "Our company Review"). Our company uses World-Check by Refinitiv for its sanctions list screening.

Simplified Due Diligence and Regular Due Diligence

At its sole discretion, Our company applies Regular Due Diligence standards in cases where Simplified Due Diligence could be applied.

Enhanced Due Diligence

In cases which require Enhanced Due Diligence, certified documents must be certified by a qualified third party such as a notary public or practicing CPA. The certifier must sign and date the copy document (printing his/her name clearly in capitals underneath) and clearly indicate his/her position or capacity on it and provide his/her contact details. The certifier must also state that it is a true copy of the original document. The completion of this exercise will be documented by Our company.

In the event (i) Enhanced Due Diligence successfully completed and (ii) the Our company Review does not yield any anomalies, Our company may offer Services of an unlimited dollar amount to a prospective Customer.

In the event the Our company Review yields any anomalies, (i) the application of the prospective Customer to use Services will be provisionally declined (subject to a further review by the Risk Committee, which may include additional procedures being undertaken).

All documents, information and details obtained shall be further verified through independent 3rd party sources to ensure authenticity. Further clarification should be sought from the applicant for any discrepancy and/or inconsistency. 3rd party sources would include screening identities through services such as Refinitiv WorldCheck or public sources for adverse news.

2.2 Disposition of Prospective Customer Applications

Our company shall record the disposition of all prospective Customer applications.

3.0 SANCTIONS AND GOVERNMENT PROVIDED LISTS OF TERRORISTS

As part of the Our company Pre-requisite Review, Our company uses World-Check by Refinitiv to screen each prospective Customer against certain sanction watchlist databases. In the event of a screening hit, Our company will exercise its discretion and judgement to determine whether the prospective Customer should be treated as a PEP, having regard to the risks and circumstances of each case. Our company may decide to conduct Enhanced Due Diligence on the prospective Customer, conduct additional procedures or escalate the case to the Compliance Manager for a decision as to whether Our company will onboard the prospective Customer.

The rationale for approving a prospective Customer with such a screening hit shall be documented.

In addition to PEP status, factors such as the age and nature of a screening hit may be considered to present a greater or lesser risk of money laundering and terrorist financing. Attention will be paid to Customers applications and transactions with Customers from or residing in countries that have inadequate anti-money laundering/countering the financing of terrorism measures.

4.0 MONITORING AND SUSPICIOUS TRANSACTION REPORTING

4.1 Monitoring

Our company will monitor, on an ongoing basis, its business relations with Customers. Our company will observe the conduct of the Customer's account and scrutinise transactions undertaken throughout its relationship with the Customer to ensure that the transactions are consistent with Our knowledge of the Customer, its risk profile and, where appropriate, the source of the Customer's funds. Our company will pay special attention to all complex, unusually large or unusual patterns of transactions undertaken by the Customer, particularly any transactions that have no apparent or visible economic or lawful purpose.

4.2 Refresher CDD

It is a basic legal requirement that CDD information be kept up to date. Pursuant to Our terms of business with Customers, Customers are required to notify Our company in writing of certain changes (if any) to their Basic Information. Upon such notification, Our company will conduct a new Our company Review on the Customer prior to any new transfers of funds by the Customer to a stored value facility.

In addition, Our company will require Customers to undergo mandatory refresher CDD on a periodic basis. At a minimum:

Customers who were approved on the basis of Simplified Due Diligence will undergo refresher CDD every three years. Customers who were approved on the basis of Regular Due Diligence will undergo refresher CDD every two years. Customers who were approved on the basis of Enhanced Due Diligence will undergo refresher CDD every year.

4.3 Suspicious Transaction Reporting

Our company staff must report suspicions concerning any Customer, the source of funds or a transaction immediately to the Compliance Officer, who shall be responsible for determining next steps, documenting the disposition of the case and reporting suspicious activities to the appropriate authorities (as necessary). The report must be made to the Suspicious Transaction Reporting Office, under the Commercial Affairs Department of the Local police Force, as soon as it is reasonably practicable after the matter comes to the Compliance Officer's attention.

By raising such suspicions with the Compliance Manager, a Our company staff will discharge his/her legal duty to make a report and the Compliance Manager will then take on responsibility for escalating the issue as appropriate.

It is critical that Our company staff member do not:

Express their suspicion within earshot of others;
Discuss the matter with any of their colleagues, including their manager, either before or after notification; and
Discuss the matter with the Customer or any of his/her affiliates or professional advisors.
Any of the above could cause a Our company staff member to commit the offence of "tipping off" which carries a prison sentence or a fine in many jurisdictions.

Addition of Sanctions Related to Russia

In light of recent international developments, Our Company has updated its sanctions policy to include restrictions on transactions related to Russia. This includes, but is not limited to, the direct or indirect processing of payments to or from entities located in Russia or owned by Russian nationals. Our Company will conduct enhanced due diligence on any transactions that may potentially involve Russian entities to ensure compliance with international sanctions.

Furthermore, Our Company has implemented IP blocking measures to restrict access to our services from IP addresses originating in Russia. This is in line with our commitment to adhere to global regulatory standards and to prevent any association with activities that may be subject to international sanctions.

Our Company will continue to monitor the situation closely and update our policies as necessary to remain compliant with international regulations and to safeguard our operations from legal and reputational risks.