Updated as of November 24, 2025

Internal AML Compliance Officer: FinCheck LLC

Objective

The primary goal of this BSA/AML/OFAC policy (referred to as the “AML policy” or “policy” herein) for Pryzr Inc. (the “Company”) is to establish a vigilant and responsive framework that proactively combats and mitigates the risks associated with money laundering and terrorist financing within the online gaming sector. This policy is meticulously designed to align with the stringent requirements of United States federal laws, such as the Bank Secrecy Act (31 U.S.C. §§ 5311-5314, 5316-5332) and the PATRIOT Act (Pub.L. 107-56).

Key Objectives Include:

•Risk Identification: Systematically identifying potential money laundering risks associated with customer activities.

•Compliance Assurance: Ensuring rigorous compliance with all relevant legal and regulatory requirements.

•Customer Due Diligence: Implementing thorough customer due diligence (CDD) measures to verify and authenticate customer identities.

•Continuous Monitoring: Establishing ongoing transaction monitoring protocols to detect and report suspicious activities.

•Staff Training & Awareness: Cultivating a culture of compliance through regular employee training and awareness programs.

•Collaboration with Authorities: Maintaining an open and cooperative stance with regulatory bodies and law enforcement.

•Data Protection & Privacy: Upholding the highest standards of data security and customer privacy in compliance with GDPR and U.S. privacy laws.

•Adaptability & Review: Regularly reviewing and updating the policy to stay abreast of legal changes and emerging risks in the online gaming and financial sectors.

This comprehensive objective is crafted to not only meet but exceed the legal obligations imposed on online gaming entities, thereby fostering a secure and transparent operational environment at Company.

Scope

Applicability

This AML policy applies comprehensively to all dimensions of Company's operations, encompassing various stakeholders, processes, and transactions.

Stakeholders

•Employees: All levels of employees, including management, are required to adhere to this policy.

•Contractors and Agents: External parties engaged in business with Company are also subject to this policy.

•Customers: The policy guides customer interactions, emphasizing due diligence and transaction monitoring.

Processes

•Customer Onboarding: Rigorous processes for customer identification and verification.

•Transaction Processing: Monitoring and reporting of transactions as per the policy guidelines.

•Reporting and Record Keeping: Adherence to legal requirements for documentation and reporting.

Transactions

•All financial transactions, including deposits, withdrawals, and any other monetary movements, fall within the scope of this AML policy.

Geographical Reach

•While primarily focused on complying with U.S. regulations, the policy also considers global anti-money laundering standards, especially in jurisdictions where Company operates or engages with customers.

Compliance and Review

•Regular audits and reviews of AML practices to ensure ongoing compliance and adaptation to new regulations or emerging risks, including an annual review and audit. A purpose of the audit will be to identify any weaknesses or deficiencies in the Company’s risk management, monitoring, and reporting practices as they relate to BSA/AML/OFAC compliance. Each audit shall include a comprehensive review of the Company’s Policy and implementation thereof, including the Company’s policies, procedures, and controls related to the detection of money laundering, terrorist financing, and other financial crimes. The audit will also include a review of the Company’s transaction monitoring systems, sanctions screening processes, customer due diligence practices, and suspicious activity reporting. The auditor will also evaluate the effectiveness of the Company’s risk assessment framework, including its design, implementation, and review frequency, and test the accuracy of data that is used for financial crime detection and risk management purposes. The auditor will identify whether any deficiencies have been identified as part of each audit.

Implementation

•The policy is implemented through a combination of internal controls, employee training, and the use of technology for monitoring and detection purposes.

This scope ensures a holistic approach to AML compliance, covering all aspects of Company’s operations, and reaffirms the Company's commitment to maintaining the highest standards of integrity and regulatory adherence in all its activities.

The Anti-Money Laundering (AML) policy of Company is grounded in a strong legal framework which encompasses US federal regulations. This framework is not only a foundation for compliance but also a guiding structure for our comprehensive AML strategy. The policy reflects our commitment to adhering to the highest standards of legal and regulatory requirements, ensuring vigilant monitoring, and robust reporting mechanisms. In this section, we explore the specific legal guidelines that shape our AML practices beginning with the rigorous standards set forth by US federal law.

US Guidelines

Bank Secrecy Act (BSA)

•AML Program Requirement: The BSA necessitates that financial institutions, including online gaming businesses like Company, establish a comprehensive AML program. This program must include systematized policies, procedures, and controls to detect and report money laundering activities.

•Record-Keeping and Reporting: Mandates the maintenance of detailed records for certain transactions and the filing of reports for transactions over $10,000, such as Currency Transaction Reports (CTR).

•Suspicious Activity Reporting (SAR): Requires filing SARs for transactions that appear to be suspicious, regardless of the amount involved. This includes structured transactions that seem to avoid BSA reporting requirements.

PATRIOT Act

•Enhanced Due Diligence (EDD): Focuses on performing EDD for customers involved in high-risk activities, including international transactions. This includes obtaining information about the purpose of an account, the source of funds, and monitoring account activity.

•Customer Identification Program (CIP): Requires institutions to collect identifying information about their customers and verify their identities. This is essential for Company during customer onboarding.

•Information Sharing under Section 314(a): Facilitates information sharing among financial institutions to identify and report activities that may involve terrorist acts or money laundering.

Other Relevant Regulations

•FinCEN Requirements: Company must comply with the Financial Crimes Enforcement Network (FinCEN) regulations, including adhering to anti-money laundering standards and maintaining a culture of compliance within the organization.

•U.S. Department of the Treasury, Office of Foreign Assets Control (OFAC) laws and regulations as well as applicable law regarding economic and trade sanctions in jurisdictions where the Company does business.

Recent Legal Changes in US Federal Guidelines

Overview

The financial and online gaming sectors are subject to continual legislative and regulatory changes. Company's AML policy incorporates recent updates in US federal laws and guidelines to remain compliant and effective.

Key Changes

•Bank Secrecy Act (BSA) Amendments: Recent amendments have expanded the definition of financial institutions and updated requirements for reporting and record-keeping.

•Strengthening of PATRIOT Act Provisions: Enhancements in the PATRIOT Act have been made, particularly around customer due diligence and beneficial ownership.

•FinCEN's Updated Guidance: The Financial Crimes Enforcement Network regularly updates its guidance on AML practices, including new methodologies for detecting and reporting suspicious activities.

Adaptation and Compliance

•Policy Review and Update: Company’s AML policy is regularly reviewed in light of these changes to ensure full compliance.

•Employee Training: Employees are continuously educated on these changes to ensure they understand and can implement the updated practices effectively.

OFAC

OFAC maintains and publishes a list of people and organizations that are subject to sanction. OFAC also maintains tailored sanctions programs that apply to specific countries. In certain instances, the country-based sanctions are broad enough that the country is regarded as “comprehensively sanctioned” and the Company is not allowed to conduct business with, or disburse funds to, people or organizations located in that country. Other jurisdictions where the Company may publish similar lists indicating people, organizations, and countries subject to sanctions. Those named by OFAC or other applicable jurisdictions, are together referred to as “Sanctions Targets.” The Company has implemented procedures for the screening of its users, suppliers, vendors, and other applicable business associates against applicable Sanction Target lists. The Company has a legal obligation to avoid doing business with or engaging in prohibited transactions with Sanctions Targets, and act as required by OFAC or other applicable regulations in the jurisdictions the Company does business. This may include freezing user accounts, blocking payments, and filing necessary reports with regulatory authorities. Compliance with this policy, OFAC, or other applicable sanctions is essential to protect the Company against criminal and civil penalties and to maintain the Company’s reputation and trust of our users, suppliers, vendors and business associates.

Company is committed to establishing a secure and trustworthy gaming environment. An integral part of this commitment is the rigorous verification of customer identities. This process is crucial in preventing fraud, money laundering, and other illicit activities. Our three-step verification process is designed to be thorough yet customer-friendly, ensuring compliance with legal requirements while safeguarding customer privacy and data.

Three-Step Verification Process Provided by Third Party

Step 1: Identity Collection

1. Data Collection: When a customer wants to create a new account, they provide personal data (name, date of birth, address, etc.) as part of the account opening process with the Company. This process may be facilitated using a third party identity verification service.

2. Document Submission for Verification: The customer is required to provide documents for verification, such as a passport, driver’s license, or ID card. The Company or third party system allows customers to upload these documents easily.

3. Document Verification Process: The Company or a third party provider then checks the authenticity of these documents, examining both their physical and digital features. This involves automated data extraction and comparison using methods like optical character recognition (OCR) and pattern recognition. The documents are analyzed to ensure they are genuine and not forged.

4. Decision on Verification: If the verification is successful and the document is deemed authentic, the customer is considered legitimate. The Company’s or third party’s system provides real-time feedback during this process, ensuring high-quality document capture and efficient verification.

By integrating the identity collection step into the Company’s account setup, the Company can enhance its KYC process, ensuring compliance with AML regulations while providing a secure and user-friendly customer onboarding experience. This system is particularly beneficial for online platforms like the Company’s platform, where remote verification is crucial.

Step 2: Document Verification

1. Threshold-Triggered Verification: When a customer's transaction or account activity reaches predefined thresholds, additional document verification is triggered. This could include scenarios like high-value deposits, withdrawals, or unusual transaction patterns.

2. Document Upload and Analysis: Customers upload supplementary documents such as utility bills or bank statements for address verification. These documents are analyzed for authenticity and consistency with the identity data provided in Step 1.

3. Advanced Authentication Techniques: The Company and/or its third party provider utilizes various techniques to authenticate these documents. This includes checking for security features (watermarks, holograms), conducting colorspace and edge analysis to detect alterations, and verifying the general data against expected standards (spelling, dates, etc.).

4. Cross-Reference and Consistency Check: The system cross-references the information from these additional documents against the initial identity documents and the data provided by the customer, ensuring consistency and authenticity.

5. Real-Time Feedback and Correction: Real-time feedback is provided during the upload process, guiding customers to submit clear and correctly formatted documents, thereby reducing the potential for errors and the need for re-submission.

This detailed approach in Step 2 leverages the Company’s and/or its third party provider’s advanced verification capabilities to enhance the accuracy and integrity of the customer verification process, ensuring compliance with AML regulations and mitigating risks associated with identity fraud.

Step 3: Electronic Verification

1. Comprehensive Database Checks: The Company and/or a third party provider performs extensive electronic verification by cross-referencing customer information against a wide range of public and private databases. This includes checking against global watchlists, sanctions lists, and databases of politically exposed persons (PEPs).

2. Sophisticated Analysis Tools: Utilizing advanced AI and machine learning algorithms, the Company and/or a third party provider analyzes customer data to detect any discrepancies, inconsistencies, or indications of fraudulent activity.

3. Ongoing Monitoring and Alerts: The system is designed for continuous monitoring of customer activities. It flags any unusual patterns or changes in customer behavior that could indicate potential money laundering or other illicit activities.

4. Compliance and Risk Assessment: This step is crucial for maintaining compliance with AML regulations and managing risk effectively. It helps ensure that the Company's operations remain secure and trustworthy.

5. User-Friendly Interface and Process: The electronic verification process is integrated seamlessly into the customer journey, ensuring a smooth and user-friendly experience while maintaining high security and compliance standards.

This detailed approach in Step 3 leverages the Company’s and/or a third party provider’s technology to provide thorough and ongoing verification of customer information, crucial for AML compliance and risk management.

Consent

Informed Consent

•Explicit Permission: Customers are required to give explicit permission for the verification process and the use of their data. This consent is obtained through clear, understandable language, outlining the specific purposes for which the data will be used.

•Documentation: Consent is documented and securely stored as part of the customer's record. Company ensures easy access to this record for both internal compliance checks and customer review.

•Revocation Option: Customers are informed of their right to revoke consent at any time, along with the implications of such revocation on the services they can access.

Risk assessment is a pivotal component of Company's AML policy. This process involves systematically categorizing customers based on their risk profiles to implement appropriate measures for each category. It is a continuous and evolving process, adapting to changing customer behaviors, transaction patterns, and global risk landscapes. The objective is to effectively identify, assess, and manage the risks associated with money laundering and terrorist financing, ensuring that enhanced scrutiny is applied where risks are higher. This proactive risk assessment forms the basis for applying due diligence measures tailored to the risk level of each customer.

Risk Categorization

1. Initial Assessment: On customer onboarding, the Company conducts an initial risk assessment based on information provided during the sign-up process. This includes evaluating transaction patterns, geographic location, type of games played, and frequency of play.

2. Categorization Criteria:

1. Low Risk: Customers with regular, small-scale transactions, residing in low-risk countries (as per international AML standards), and showing consistent gaming behavior.

2. Medium Risk: Includes customers with larger or irregular transactions, residents of countries with higher AML risk profiles, or exhibiting occasional deviations in typical gaming patterns.

3. High Risk: Customers engaging in very high-value transactions, residing in high-risk jurisdictions, showing significant and uncharacteristic changes in gaming behavior, or previously flagged for suspicious activities.

3. Dynamic Reassessment: The risk category of a customer is not static and is reassessed regularly based on ongoing transaction monitoring and customer activity.

4. Technology Integration: Utilizing advanced analytics and AI tools to assist in identifying and categorizing risks dynamically.

5. Compliance Team Involvement: The compliance team regularly reviews risk categorization criteria and individual assessments to ensure accuracy and compliance with evolving AML regulations.

Enhanced Due Diligence (EDD)

Process Overview

For customers classified as high-risk, the Company implements an Enhanced Due Diligence (EDD) process. This rigorous procedure involves a deeper examination of the customer's profile, activities, and the risk they may pose.

1. In-Depth Background Checks: Conduct comprehensive checks including a review of the customer's financial history, public records, and any past involvement in suspicious activities.

2. Source of Wealth Verification: Assess the legitimacy of the customer's source of income or wealth. This may involve scrutinizing financial statements, business records, or other relevant documentation.

3. Ongoing Monitoring: Maintain heightened surveillance on transactions and activities of high-risk customers. This includes monitoring for unusual patterns or changes in behavior that could indicate money laundering.

4. Senior Management Approval: Transactions or accounts involving high-risk customers often require approval from senior management, ensuring an additional layer of scrutiny.

5. Documentation and Record-Keeping: Detailed records of the EDD process, including findings and decisions, are meticulously maintained for future reference and regulatory compliance.

6. Regular Review and Updates: EDD procedures are regularly reviewed and updated to remain aligned with current best practices and regulatory changes.

Transaction monitoring is a crucial aspect of Company's AML policy, designed to identify and manage the risks associated with money laundering and terrorism financing. This proactive process involves constant surveillance of customer transactions to detect unusual or suspicious activities. The effectiveness of this system is pivotal in preventing and mitigating illicit activities within the platform. Through advanced technology and comprehensive procedures, Company ensures that all transactions are consistently monitored for anomalies, thus safeguarding the integrity of its operations.

System Implementation for Transaction Monitoring

•Advanced Monitoring Software: Company employs sophisticated AI-based software for transaction monitoring. This software is capable of analyzing vast amounts of transaction data in real-time, identifying patterns and anomalies indicative of suspicious activities.

•Customizable Parameters: The system is configured with parameters that reflect Company's specific risk profile. These parameters are based on transaction sizes, frequency, customer risk categories, and other relevant factors.

•Alert Generation: When a transaction or a series of transactions deviate from the established norm, the system automatically generates alerts. These alerts are then reviewed by the compliance team for further investigation.

•Integration with Customer Profiles: The monitoring system is fully integrated with customer profiles, allowing for a more nuanced understanding of each customer's typical transaction behavior.

•Regular Updates and Maintenance: The system is regularly updated to incorporate the latest in AI and machine learning advancements, as well as to adapt to evolving patterns of financial crime.

•Compliance Team Training: The compliance team receives ongoing training to effectively utilize the system, interpret its findings, and take appropriate action.

Thresholds & Limits in Transaction Monitoring

•Setting Transaction Thresholds: Company establishes specific monetary thresholds for transactions. These thresholds are based on various factors such as transaction type, customer risk category, and historical data. Transactions that exceed these set limits are flagged for further review.

•Dynamic Adjustment of Limits: The thresholds are not static; they are periodically reviewed and adjusted to reflect changing patterns in customer behavior and emerging trends in financial crime.

•Transaction Review Process: Any transaction that exceeds these predefined limits undergoes a detailed review. This involves assessing the nature of the transaction, the involved parties, and the context to determine if it aligns with the customer’s typical activity profile.

•Customized Limits for High-Risk Categories: For customers in higher risk categories, more stringent transaction limits are set, and their transactions are subjected to more frequent reviews.

•Documentation and Reporting: All findings from the review of transactions exceeding thresholds are meticulously documented. If suspicious activity is detected, it is reported in accordance with regulatory requirements.

Reporting

1. Suspicious Activity Reports (SARs): Company follows strict protocols for filing SARs. When a transaction or pattern of transactions is identified as suspicious, it is reported to the relevant authorities in accordance with the Bank Secrecy Act and other applicable regulations.

2. Timely Submission: All SARs are filed within the stipulated time frame required by regulatory bodies to ensure compliance and timely intervention.

3. Detailed Documentation: Each report includes comprehensive details about the transaction, customer information, the nature of the suspicious activity, and any related investigation findings.

4. Internal Tracking: For internal monitoring and compliance, a record of all filed SARs and their outcomes is maintained.

5. Confidentiality: The process of reporting is handled with strict confidentiality to protect the integrity of the investigation and the privacy of the individuals involved.

The Company understands that the role of the AML Compliance Officer is critical in ensuring the effective implementation and oversight of the Anti-Money Laundering (AML) program. This position is key to maintaining the integrity of the Company’s financial transactions and adherence to AML regulations. The AML Compliance Officer assigned by the Company is set forth above. The AML Compliance Officer is responsible for developing, coordinating, and overseeing the internal policies and procedures designed to prevent, detect, and report money laundering and other illicit financial activities. This role involves a strategic combination of regulatory knowledge, operational oversight, and effective communication across various departments.

Responsibilities of the AML Compliance Officer:

1. Program Oversight: The AML Compliance Officer is tasked with the comprehensive management of Company's AML program. This includes continuous evaluation and updating of AML strategies to align with evolving regulatory landscapes.

2. Policy Compliance: Ensuring that all business practices, transactions, and customer interactions are in strict compliance with AML policies and regulations.

3. Staff Training: Responsible for conducting regular AML training sessions for employees, ensuring that all staff members are aware of their responsibilities under AML regulations and are equipped to recognize and report suspicious activities.

4. Liaison with Regulatory Authorities: Acting as the primary contact for regulatory bodies, the AML Compliance Officer manages all communications and reporting with these authorities, ensuring that Company adheres to all regulatory requirements and responds promptly to regulatory inquiries or audits.

5. Continuous Improvement: Implementing a culture of continuous improvement within the AML framework by integrating feedback, monitoring program effectiveness, and making necessary adjustments.

Qualifications of the AML Compliance Officer:

1. Regulatory Expertise: Deep understanding of AML regulations and laws, including the Bank Secrecy Act and PATRIOT Act. Familiarity with global AML standards is also crucial.

2. Risk Management Experience: Proven track record in risk management, with the ability to identify, assess, and mitigate financial risks.

3. Strong Analytical Skills: Ability to analyze complex data and transaction patterns to identify potential money laundering activities.

4. Effective Communication: Excellent communication skills to effectively liaise with regulatory bodies, convey AML policies to staff, and report to senior management.

5. Leadership and Training: Experience in leading a team and conducting training sessions on AML compliance.

Employee training is a cornerstone of Company’s AML policy. Recognizing that informed and vigilant staff are essential in identifying and preventing money laundering activities, the Company is committed to providing comprehensive and ongoing training on AML regulations and practices. This training ensures that all employees, regardless of their role, understand the importance of AML compliance and are equipped with the knowledge and tools necessary to contribute to the Company's efforts in combating financial crimes.

Regular Training

1. Comprehensive Training Sessions: the Company conducts regular AML training sessions for all employees. These sessions cover various aspects of AML compliance, including updates to the Company's AML policy, emerging trends in money laundering, and new regulatory requirements.

2. Detection Techniques: Training focuses on equipping employees with the skills and techniques needed to detect signs of money laundering and other financial crimes. This includes recognizing suspicious transaction patterns and understanding customer behavior that may indicate risk.

3. Legal Requirements: The training program also emphasizes the legal obligations of employees and the Company under AML laws, ensuring a thorough understanding of regulatory compliance.

4. Interactive and Engaging Format: Training sessions are designed to be interactive, engaging, and tailored to different roles within the Company, ensuring relevance and effectiveness.

5. Regular Updates: Training content is regularly reviewed and updated to reflect the latest AML trends and changes in laws and regulations.

Record Keeping

1. Documentation of Training Sessions: the Company meticulously documents all AML training sessions. This includes details such as training content, date, duration, and the trainer's name.

2. Employee Attendance Records: A record of employee attendance for each training session is maintained. This ensures accountability and helps in tracking the AML knowledge level across the organization.

3. Accessibility and Audit-Readiness: These records are kept in an organized and accessible manner to facilitate internal reviews and external audits.

4. Retention Period: Training records are retained for a specified period, in accordance with regulatory requirements, to demonstrate compliance with AML training mandates.

Data security and privacy are fundamental elements of the Company's AML policy. Recognizing the sensitivity of customer data and the potential risks associated with its handling, the Company is committed to implementing stringent data security measures and upholding high standards of privacy. This commitment not only ensures compliance with regulations but also builds trust with customers and partners. The approach to data security and privacy is comprehensive, encompassing both technological safeguards and organizational protocols.

Protection Measures

•Cybersecurity Infrastructure: Implementing advanced cybersecurity infrastructure, including firewalls, intrusion detection systems, and secure network architectures to protect customer data from unauthorized access.

•Encryption Technologies: Utilizing strong encryption for data at rest and in transit, ensuring that sensitive information is safeguarded against interception and breaches.

•Regular Security Audits: Conducting regular security audits to identify and address vulnerabilities, ensuring the integrity of the cybersecurity measures.

•Access Controls: Implementing strict access controls to ensure that only authorized personnel have access to sensitive data, based on their role and necessity.

•Employee Awareness: Training employees in cybersecurity best practices to prevent accidental breaches and to recognize potential cyber threats.

Privacy Compliance

•Data Subject Rights: Upholding the rights of data subjects, including the right to access, rectify, erase, and object to data processing.

•Data Protection Officer (DPO): Appointing a DPO to oversee compliance with privacy laws and act as a point of contact for regulatory authorities and data subjects.

•Privacy Policy Transparency: Maintaining a transparent and easily accessible privacy policy, detailing how customer data is collected, used, and protected.

•Consent and Opt-Out Options: Providing clear options for customers to give consent for data processing and the ability to opt-out or withdraw consent.

Company recognizes the importance of cooperating with regulatory and law enforcement authorities in the fight against money laundering and terrorist financing. This cooperation is a key component of the Company’s AML policy, reflecting a commitment to legal compliance and the broader effort to maintain the integrity of the financial system. This section outlines the protocols and practices that facilitate effective collaboration with authorities, ensuring timely and efficient sharing of information and adherence to legal obligations.

Information Sharing (Revised with Legal Citations)

•Compliance with BSA: In accordance with the Bank Secrecy Act (31 U.S.C. § 5318(g)), Company complies with requirements to report suspicious activities and share relevant information with federal authorities.

•Adherence to the PATRIOT Act: Under the USA PATRIOT Act (Pub.L. 107–56), the Company adheres to enhanced information-sharing provisions to combat money laundering and terrorism financing.

•Procedure and Record-Keeping: Maintains detailed records of all information shared, ensuring compliance with these legal frameworks while respecting customer privacy.

Audit and Inspection Readiness (Revised with Legal Citations)

1. Record Retention as per BSA: Consistent with the Bank Secrecy Act requirements, Company retains records, including SARs and relevant financial transactions, for a minimum of five years (31 CFR 1010.430).

2. Readiness for Audits: Ensures all relevant records are organized, up-to-date, and readily accessible for both internal audits and external regulatory inspections.

Regular reviews and updates of the AML policy are crucial for Company to stay aligned with evolving regulatory landscapes and emerging financial crime trends. This process ensures that the policy remains effective, relevant, and in strict compliance with US regulations. The review encompasses assessing the efficiency of current AML practices, updating procedures based on recent legal changes, and integrating technological advancements. This ongoing refinement process underscores the Company's dedication to maintaining the highest standards of AML compliance.

Regular Review

1. Annual Review and Audit Schedule: Company conducts an annual review and audit of its AML policy to ensure it remains up-to-date with the latest legal requirements and best practices in the field of AML compliance.

2. Legal and Regulatory Updates: The review process includes an assessment of any changes in US AML laws and regulations, ensuring the policy aligns with current legal standards.

3. Best Practices Integration: The policy is also updated to reflect emerging best practices in AML compliance, incorporating insights from industry trends and technological advancements.

4. Stakeholder Involvement: The review process involves input from various stakeholders, including the compliance team, legal advisors, and senior management, to ensure a comprehensive and effective policy.

Feedback Mechanism

1. Establishing Feedback Channels: Company sets up dedicated channels for receiving feedback from both employees and customers regarding its AML policy and procedures.

2. Employee Feedback: Employees are encouraged to provide insights and suggestions based on their on-the-ground experience with AML practices, offering valuable perspectives for improvement.

3. Customer Feedback Collection: Customer feedback is gathered through surveys and direct communication channels, focusing on their experience with AML-related processes.

4. Review and Integration: All feedback is regularly reviewed by the AML compliance team, and actionable insights are integrated into the policy for continuous improvement.

This section provides a comprehensive overview of legal frameworks and cases shaping AML practices:

•Bank Secrecy Act (BSA): Details the BSA's requirements, focusing on SARs and CTRs, underpinning the AML compliance framework.

•USA PATRIOT Act: Analyzes key provisions affecting AML, notably in customer identification and data sharing, enhancing the BSA's framework.

•Key Legal Cases:

•United States v. The Bancorp Group, Inc.: Demonstrates consequences for inadequate AML programs.

•Regulatory Guidance:

•FinCEN Guidance FIN-2016-G003: Outlines customer due diligence, including beneficial owner identification.

•Wolfsberg Group Guidance: Cited for industry-standard AML principles.

1. Suspicious Activity Report (SAR): A document filed by financial institutions to report suspicious or potentially suspicious activity to regulatory authorities.

2. Customer Due Diligence (CDD): The process of collecting and analyzing information about a customer's identity and risk profile.

3. Enhanced Due Diligence (EDD): Additional verification procedures for high-risk customers, including in-depth investigation into their background and source of funds.

4. Beneficial Ownership: Identifying the natural persons who ultimately own, control, or influence a customer, especially in corporate structures.

5. Politically Exposed Persons (PEPs): Individuals who hold a prominent public position or role, making them potentially higher risk for involvement in corruption.

6. Money Laundering: The process of concealing the origins of illegally obtained money, typically through a sequence of banking transfers or commercial transactions.

7. Bank Secrecy Act (BSA): U.S. legislation requiring financial institutions to assist government agencies in detecting and preventing money laundering.

8. USA PATRIOT Act: An act enhancing U.S. government's abilities to deter and punish terrorist acts in the United States and around the world, including measures to prevent money laundering.

9. Financial Action Task Force (FATF): An intergovernmental organization that develops policies to combat money laundering and terrorism financing.

10. Know Your Customer (KYC): The process of a business verifying the identity of its clients and assessing their suitability, along with the potential risks of illegal intentions.

11. Currency Transaction Report (CTR): A report that U.S. financial institutions are required to file for transactions over $10,000.

12. Trade-Based Money Laundering (TBML): The process of disguising the proceeds of crime and moving value through the use of trade transactions.

13. Risk-Based Approach (RBA): An AML strategy that prioritizes resources towards the areas of highest risk.

14. Wire Transfer Regulations: Laws governing the transfer of funds through electronic means, especially across borders.

15. Sanctions Lists: Lists of individuals, organizations, and countries targeted by economic sanctions.

16. De-risking: The process where financial institutions limit their exposure by closing or restricting certain accounts.

17. Compliance Officer: An individual responsible for ensuring that an organization complies with relevant laws and regulations.

18. Financial Intelligence Unit (FIU): A central national agency responsible for receiving, analyzing, and transmitting disclosures on suspicious transactions.

19. Anti-Money Laundering (AML) Program: A set of procedures, laws, and regulations designed to prevent criminals from disguising illegally obtained funds as legitimate income.

20. Layering: In money laundering, the process of moving funds through various financial transactions to obscure their origin.

Management Sign-off

1. Approval Process: The final draft of the AML policy is presented to senior management for review and approval. This process ensures that the policy aligns with the overall strategic objectives of Company and adheres to regulatory requirements.

2. Documentation of Approval: The approval by senior management is formally documented, signifying the endorsement and commitment of the Company's leadership to the AML policy.

3. Authority and Responsibility: The sign-off by management not only authorizes the policy's implementation but also underscores the responsibility of management in ensuring its effectiveness and adherence.