Anti-Money Laundering
Policy for
DOMTRADE PLC

Introduction: Domtrade Plc take a zero tolerance approach to being involved in illegal/illicit activity, and will fully comply with all relevant sections of the Money Laundering Regulations 2017 (ML Regs) (as amended by the MLR 2019), the Proceeds of Crime Act 2002 (POCA), and the Terrorism Act 2000 (TACT) As an exchange, we recognize the unique risks posed by digital assets and are committed to preventing their misuse for money laundering, terrorist financing, or other illegal activities. This policy outlines our comprehensive approach to AML compliance, ensuring alignment with global standards

All partners and employees of the firm are under an obligation and duty to comply with the above. This policy & any related procedures aims to help partners and staff fulfill these responsibilities, by providing a clear framework, along with setting out the firm’s key principles and obligations.

Money Laundering: Is the process of making illegally obtained money appear legitimate. Terrorist Financing: Providing funds to support terrorist activities. CDD: Customer Due Diligence KYC: Know Your Customer SAR: Suspicious Activity Report FATF: Financial Action Task Force POCA: Proceeds of Crime Act

Domtrade Plc complies with FATF recommendations and the specific regulations in the jurisdictions where it operates, such as the U.S. Bank Secrecy Act, the EU's 5th AML Directive, and others. The exchange also adheres to the FATF Travel Rule, ensuring transparency in virtual asset transfers.

Risk Based Assessment Customer Due Diligence, including ID&V requirements, and application of KYC information Compliance with International Sanctions Requirements

Conducting an adequate risk assessment and appropriate due diligence (CDD) on clients and transactions, including PEP and sanctions checking. Avoiding discussing any potential or actual SARs with clients or any third parties (“Tippingoff”) Referring any Police/Law Enforcement queries or requests to the MLRO Undertaking any AML-related training provided by the Firm. Keeping appropriate records of all AML related activity

Governance and Oversight: The Board of Directors provides oversight, while the AML Compliance Officer manages execution. A dedicated Compliance Team conducts investigations and reports suspicious activities. Risk-Based Approach: Domtrade Plc uses a risk-based approach to assess customer, product, and geographic risks. Risk scoring is applied, and high-risk users are subject to enhanced scrutiny and monitoring using advanced blockchain analytics tools. Customer Due Diligence (CDD): Basic CDD includes collecting identity information and verifying it using third-party providers. Ongoing CDD ensures continued risk monitoring, and simplified CDD applies to low-risk customers. Corporate CDD involves reviewing business documents and beneficial ownership. Enhanced Due Diligence (EDD): EDD is triggered for PEPs, high-risk jurisdictions, or abnormal transaction behavior. It involves deeper verification of source of funds, additional documentation, and executive approval for onboarding. Transaction Monitoring: Real-time monitoring and blockchain analytics are employed to detect red flags, such as rapid wallet transfers or dealings with privacy coins. Flagged transactions are investigated and, if necessary, escalated for further action. Suspicious Activity Reporting (SAR): All suspicious activities must be reported internally and, if warranted, externally through SARs to appropriate regulatory bodies. SAR filings are confidential and must be completed within required timeframes. Sanctions Screening: Customers and transactions are screened against OFAC, UN, and EU sanctions lists. Matches trigger account freezes and regulatory notifications. Record-Keeping: All AML-related records, including CDD and transaction logs, are retained for at least five years and stored in secure, compliant systems. Training and Awareness: All staff must complete AML training at onboarding and annually. Compliance teams receive more detailed training on transaction red flags and legal obligations.

Third-Party Relationships: Vendors and service providers undergo AML risk assessments. Contracts must mandate AML compliance, and ongoing reviews are conducted. Internal Audit and Compliance Testing: The AML program is audited annually by independent professionals, and regular testing ensures that controls are effective and updated as needed. Incident Response and Escalation: AML breaches trigger investigations and internal escalation. Corrective actions are taken, including possible retraining or system changes. Policy Review and Updates: The policy is reviewed annually and updated for regulatory changes. All updates require board approval.

This is the AML policy.