AML/CTF Policy

These days money laundering (ML) and terrorist financing (TF) are one of the biggest challenges faced by the crypto community. CCPayment considers ML/TF as a serious threat to its activities, and therefore introduces and implements its Anti-Money Laundering (AML) and Counter Terrorist Financing (CTF) Policy in accordance with the relevant legal acts, recommendations, guidelines and best practices in the field. CCPayment is committed to providing a reputable, reliable and secure services with high standards of integrity and transparency, in full compliance with applicable laws and global standards.

The following are key elements of the CCPayment AML/CTF Policy:

• Customer Due Diligence;

• Risk Assessment; Ongoing Monitoring;

• Record Keeping;

• Communication with Competent Authorities.

• Customer Due Diligence.

Customer due diligence information comprises the facts about a customer that should enable CCPayment to assess the extent to which the customer exposes it to a range of risks. Customer due diligence information is obtained from the customer before establishing the business relationships with him/her/it. CCPayment also verifies the obtained information against reliable and independent sources. By collecting and verifying the customer’s information the Company aims to form a reasonable belief as to the true identity of the customer. CCPayment must also understand the business of the customer to make sure that the customer does not launder illicit funds through CCPayment and/or these funds will not be used for TF. Information, documents and data provided to CCPayment during identification of the customer are processed in accordance with CCPayment Privacy Policy. While assessing the risks, CCPayment applies the risk-based approach. It means that CCPayment has an understanding of the ML/TF risks to which it is exposed and applies AML/CFT measures in a manner and to an extent which would ensure mitigation of these risks. This flexibility enables CCPayment to focus its resources and take enhanced measures in situations where the risks are higher. CCPayment performs an ongoing monitoring of the business relationships with customers. Ongoing monitoring is performed on all business relationships regardless of their risk rating

under the risk-based approach. However, the degree and nature of monitoring will depend on the risk rating of the customer and the particular service provided.

Ongoing monitoring allows CCPayment to gain deeper insights into customers’ profiles and behaviours and strengthen risk-based allocation of resources to tackling higher risk areas.

CCPayment maintains appropriate records in relation to every customer, with the idea being that maintaining an adequate audit trail is a significant component of combating ML/TF.

Record keeping is essential to facilitate effective investigation, prosecution and confiscation of criminal property. If the funds used to finance terrorist activity cannot be traced back through the financial system, then the sources and the destination of terrorist financing will not be identified.

Upon suspicion or any knowledge that the property of any value is directly or indirectly derived from criminal activity or participation in such activity, or that the intended purpose of property is to sponsor one or several terrorists or terrorist organization, CCPayment will report that to the competent authorities and will cooperate on any follow-up actions.

We will also file a STR and notify the appropriate law enforcement authority in situations involving violations that require immediate attention, such as terrorist financing or ongoing money laundering schemes.

We will report suspicious transactions by completing a STR, and we will collect and maintain supporting documentation as required by the IFSC and FIU regulations. We will file a STR no later than 30 calendar days after the date of the initial detection of the facts that constitute a basis for filing a STR. If no suspect is identified on the date of initial detection, we may delay filing the STR for an additional 30 calendar days pending identification of a suspect, but in no case will the reporting be delayed more than 60 calendar days after the date of initial detection. The phrase “initial detection” does not mean the moment a transaction is highlighted for review. A review must be initiated promptly upon identification of unusual activity that warrants investigation.

We will retain copies of any STR filed and the original or business record equivalent of any supporting documentation for five years from the date of filing the STR. We will identify and maintain supporting documentation and make such information available to FIU, any other appropriate law enforcement agencies, federal or state securities regulators.

We will not notify any person involved in the transaction that the transaction has been reported, except as permitted by the IFSC and FIU regulations. We understand that anyone who is subpoenaed or required to disclose a STR or the information contained in the STR will, except where disclosure is requested by FIU, or another appropriate law enforcement or regulatory agency, or to provide any information that would disclose that a STR was prepared or filed. We will notify IFSC or FIU, or of any such request and our response.