AML COMPLIANCE POLICY

This document provides an outline of the “Know Your Customer” (KYC) and “Anti-Money Laundering” (AML) policies, detailing our commitment to preventing money-laundering activities while interacting with our users.

Objectives of AML Compliance

The primary goal of our AML policy is to prevent Bitswap from being exploited, intentionally or unintentionally, for money-laundering activities. The policy implies reasonable efforts to determine the true identity and beneficial ownership of accounts, sources of funds, nature of the customer’s business, and the legitimacy of account activities relative to the customer’s business. This approach helps us manage risks prudently.

We aim to protect our users from fraudulent and scam activities within the crypto assets domain. Bitswap adopts the latest recommendations and guidelines from FATF, the European Parliament, and financial industry regulators. Our compliance policy is designed to detect funds involved in illicit activities and safeguard our customers' assets against hacks, ransomware, and malware attacks. Our toolkit comprises policy regulations and advanced software for real-time tracking of suspicious transactions.

Our AML policy, procedures, and internal controls ensure compliance with all applicable regulations. These are regularly reviewed and updated to account for regulatory changes and business developments.

Policy Components

1. CUSTOMER IDENTIFICATION PROCEDURE (CIP)

• Identification: For transactions flagged as suspicious, we may collect customer identification information such as full name, date of birth, residential and business address, and valid government-issued identification. Non-individual entities must provide documents showing their existence (i.s. KYB verification).
• Misleading Information: Customers must ensure the accuracy and timeliness of their information. Incorrect, false, outdated, or incomplete information may result in account blacklisting and service termination. We also reserve the right to demand corrections or accurate information from the customer.
• Verifying Information: We verify the information using risk-based procedures and a third-party service provider, Sum & Substance Ltd, ensuring compliance with our Privacy Policy. We may refuse or restrict transactions pending verification.
• Lack of Verification: If we cannot verify a customer’s identity, we may request additional information, refuse customer’s verification, blacklist the account, and potentially file a SAR/STR.
• Customer Notice: Customers are informed that their transactions may be subject to AML/KYC checks, as stated in our Terms of Use.
• Reliance on Other Institutions: We may rely on other institutions for identity verification if they have a contract with us certifying their AML program compliance.
• Enhanced Due Diligence: Enhanced scrutiny is applied to high-risk customers or accounts, including monitoring, updating KYC documents, and verifying the source of funds.

2. RECORDKEEPING

• We document and retain all verification information and results for five years after verification took place. User data obtained during KYC procedures is encrypted and stored on GDPR-compliant Amazon servers in the EU. Records are available to competent authorities upon request.

3. AML/CFT COMPLIANCE OFFICER

• The AML/CFT Compliance Officer is responsible for implementing and monitoring the AML policy, reporting any suspicious activities, and communicating via [email protected].

4. MONITORING OF TRANSACTIONS

• We monitor transactions to identify deviations from normal activity, with intensified monitoring for high-risk accounts or transactions. Our real-time Know-Your-Transaction service helps detect transactions involving illicit funds.

5. RISK MANAGEMENT

• We have procedures for effective implementation of a wide range of AML/CFT measures, including oversight, controls, segregation of duties, training, and regular quality checks by the compliance team. Senior management is periodically updated on any issues.

6. COLLABORATION WITH LAW ENFORCEMENT AGENCIES

• We are consign to maintain as accurate information on virtual asset transfers as possible and make it available to authorities upon official request.