AML/KYC Policies

1. Regulatory Framework

Our AML/KYC policies are designed to comply with Singapore's comprehensive anti-money laundering framework, including:

• Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA)
• Terrorism (Suppression of Financing) Act (TSOFA)
• Financial Action Task Force (FATF) Recommendations
• Singapore AML/CFT framework requirements

2. Policy Statement

Sirius Digital maintains a zero-tolerance policy toward money laundering, terrorist financing, proliferation financing, and other financial crimes. We will not knowingly facilitate, support, or engage in any transactions that may be related to illicit activities.

3. Customer Due Diligence (CDD)

We conduct Customer Due Diligence on all customers in accordance with a risk-based approach. The level of due diligence applied depends on the assessed risk profile of the customer and the relationship.

3.1 When CDD is Performed

CDD measures are applied:

• When establishing a business relationship with a new customer
• Before executing occasional transactions above specified thresholds
• When there is suspicion of money laundering or terrorist financing
• When there are doubts about the veracity or adequacy of previously obtained customer identification data
• Periodically throughout the customer relationship, based on risk assessment

3.2 Standard CDD Requirements

For all customers, we collect and verify:

3.3 Verification Methods

We verify customer identity using reliable, independent sources:

• Digital Verification: Singapore National Digital Identity (NDI) program using Myinfo/Singpass for automatic verification of personal and corporate data
• Government-Issued Documents: Original or certified copies of passports, NRIC, driving licenses
• Proof of Address: Utility bills, bank statements, government correspondence (issued within 3 months)
• Corporate Registries: ACRA BizFile searches, foreign corporate registries, Myinfo Business
• Third-Party Databases: Credit bureaus, sanctions screening databases, PEP databases
• Video Verification: Live video calls for remote identity verification

3.4 Timing of CDD Completion

We strive to complete CDD before establishing a business relationship or executing transactions. However, to avoid interrupting normal business, CDD may be completed during the establishment of the relationship, provided:

• The risk of money laundering or terrorist financing is assessed as low
• Account access is limited until CDD is completed
• CDD is completed as soon as practicable

4. Beneficial Ownership Identification

In accordance with applicable requirements, we identify and verify the beneficial owners of all non-individual customers.

4.1 Definition of Beneficial Owner

A beneficial owner is a natural person who:

• Owns or controls, directly or indirectly, 25% or more of the customer's shares or voting rights
• Exercises ultimate effective control over the customer's management or operations
• Is the beneficiary of 25% or more of a trust or similar legal arrangement
• Has the power to appoint or remove the majority of directors or trustees

4.2 Verification of Beneficial Ownership

For corporate customers, we obtain:

• Ownership structure chart showing all layers of ownership up to natural persons
• Names, identification details, and addresses of all beneficial owners
• Percentage of ownership or control held by each beneficial owner
• Verification documents for each beneficial owner (similar to individual CDD)
• Register of Registrable Controllers (if applicable) or similar beneficial ownership registers

4.3 Trust Relevant Parties

For trusts and legal arrangements, we identify and verify "trust relevant parties" including:

• Settlors or grantors
• Trustees
• Protectors or enforcers
• Beneficiaries or class of beneficiaries
• Any other natural person exercising ultimate effective control

4.4 Enhanced Due Diligence Triggers

Enhanced due diligence is required when:

• There is a change in beneficial ownership or control
• There is a change in persons authorized to act on behalf of the customer
• Material changes occur in the customer relationship
• Insufficient or unclear beneficial ownership information is provided
• The ownership structure appears designed to obscure beneficial ownership

5. Enhanced Due Diligence (EDD)

Enhanced Due Diligence is applied to higher-risk customers, relationships, and transactions. EDD involves more intensive scrutiny and verification.

5.1 When EDD is Required

• Politically Exposed Persons (PEPs): Individuals entrusted with prominent public functions, their family members, and close associates
• High-Risk Jurisdictions: Customers from or with connections to countries identified by FATF as higher risk
• High-Risk Business Activities: Cash-intensive businesses, precious metals/stones dealers, virtual asset service providers
• Complex Ownership Structures: Multiple layers of ownership, offshore entities, or unclear beneficial ownership
• Unusual Transaction Patterns: Transactions inconsistent with customer profile or business activity
• Adverse Media or Sanctions Hits: Customers linked to negative news or sanctions lists

5.2 EDD Measures

Enhanced measures include:

• Obtaining senior management approval for establishing or continuing the relationship
• Establishing source of wealth (SoW) and source of funds (SoF) with supporting documentation
• Understanding the purpose and intended nature of the business relationship
• Conducting more frequent reviews and monitoring (at least annually)
• Enhanced transaction monitoring with lower thresholds for review
• Additional background checks and due diligence inquiries
• In-person meetings or video verification where possible

5.3 Source of Wealth (SoW) Requirements

For higher-risk customers, we establish Source of Wealth through:

• Employment history and income sources
• Business ownership and business profits
• Investment returns and asset appreciation
• Inheritance, gifts, or settlements
• Property sales or other asset disposals

Supporting documentation may include:

• Tax returns or assessments
• Audited financial statements
• Proof of business ownership
• Bank statements showing income sources
• Sale agreements or valuation reports
• Inheritance documents or gift letters

6. Ongoing Monitoring

We conduct ongoing monitoring of all customer relationships to ensure transactions are consistent with our knowledge of the customer, their business, and risk profile.

6.1 Transaction Monitoring

• Automated Systems: Real-time transaction monitoring using rule-based scenarios and machine learning algorithms
• Alert Generation: Suspicious patterns trigger alerts for review by compliance staff
• Investigation: Alerts are investigated, documented, and escalated as appropriate
• Threshold Monitoring: Large transactions and cumulative transaction patterns are monitored
• Behavioral Analysis: Deviations from expected transaction behavior are identified and reviewed

6.2 Periodic Review and Refresh

Customer information is reviewed and updated periodically:

• Low Risk: At least every 5 years or upon trigger events
• Medium Risk: At least every 3 years
• High Risk: At least annually or more frequently as warranted

Reviews include:

• Verification that customer information is current and accurate
• Reassessment of risk rating based on updated information
• Review of transaction activity for consistency with customer profile
• Refresh of identification documents if expired or outdated

6.3 Trigger Events for Re-Assessment

Immediate reassessment is triggered by:

• Material changes in customer circumstances (e.g., business activity, ownership)
• Changes in transaction patterns or volumes
• Customer appears on sanctions lists or adverse media
• Customer becomes a PEP or is linked to a PEP
• Geographic risk changes (e.g., FATF high-risk country designation)
• Suspicion of money laundering, terrorist financing, or other criminal activity

7. Proliferation Financing Risk Assessment

We assess proliferation financing (PF) risks as part of our AML/CFT framework.

7.1 What is Proliferation Financing?

Proliferation financing refers to the raising, moving, or making available of funds or other assets that could contribute to the proliferation of weapons of mass destruction (WMD), including nuclear, chemical, and biological weapons.

7.2 PF Risk Assessment

We assess PF risks by considering:

• Customer connections to jurisdictions of proliferation concern (e.g., DPRK, Iran)
• Customer involvement in dual-use goods, technology, or services
• Transaction patterns suggesting evasion of sanctions
• Use of intermediaries or complex transaction structures to obscure end-users
• UN Security Council and Singapore targeted financial sanctions lists

7.3 Mitigation Measures

• Screening against PF-related sanctions lists
• Enhanced due diligence for high-risk sectors and jurisdictions
• Staff training on PF indicators and red flags
• Reporting of suspected PF activity to relevant authorities

8. Sanctions Screening

We screen all customers, transactions, and counterparties against international sanctions lists.

8.1 Sanctions Lists Screened

• United Nations Security Council (UNSC) Consolidated List
• Singapore sanctions lists
• Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) List
• European Union (EU) Financial Sanctions List
• Other relevant jurisdictional sanctions lists

8.2 Screening Procedures

• Name Screening: Customers and beneficial owners are screened at onboarding and periodically thereafter
• Transaction Screening: Payments and transfers are screened in real-time before execution
• Native Search Engines: We use native search capabilities and fuzzy matching to detect potential matches
• Match Resolution: Potential matches are investigated and resolved by compliance staff
• Positive Match Handling: Confirmed sanctions matches result in account blocking and reporting to authorities

9. Suspicious Transaction Reporting (STR)

We have an obligation to report suspicious transactions to the Suspicious Transaction Reporting Office (STRO) of the Singapore Police Force.

9.1 When to File an STR

An STR is filed when we have reasonable grounds to suspect:

• A transaction involves proceeds of crime (money laundering)
• A transaction is related to terrorist financing
• Property is owned or controlled by terrorists or terrorist entities
• A customer or transaction is linked to proliferation financing

9.2 Red Flags and Indicators

9.3 STR Filing Process

• Suspicious activity is identified through monitoring or staff awareness
• Compliance staff investigate and document findings
• Money Laundering Reporting Officer (MLRO) reviews and approves STR
• STR is filed with STRO via the STRonline system (streamlined timing requirements)
• Confidentiality is maintained - customer is not informed of the STR
• Documentation and records of STR are maintained for at least 5 years

10. Record Keeping

We maintain comprehensive records to support our AML/CFT compliance and facilitate regulatory investigations if required.

10.1 Retention Periods

• Customer Due Diligence Records: 5 years after termination of business relationship
• Transaction Records: 5 years after completion of transaction
• STR Records: 5 years after filing of STR
• Account Files: 5 years after account closure
• Internal Investigation Records: 5 years after completion of investigation

10.2 Records Maintained

• All identification and verification documents
• Account opening forms and applications
• Beneficial ownership documentation
• Business relationship correspondence and communications
• Transaction details, amounts, parties, and dates
• Monitoring alerts, investigations, and resolution decisions
• Risk assessment and rating documentation
• STR filing records and supporting documentation

11. Training and Awareness

All staff members receive regular training on AML/CFT obligations, policies, and procedures.

11.1 Training Program

• New Employee Training: Mandatory AML/CFT training within first month
• Annual Refresher Training: All staff complete annual updates
• Role-Specific Training: Enhanced training for front-line, compliance, and management staff
• Emerging Risks: Training on new typologies, risks, and regulatory changes

11.2 Training Topics

• Singapore AML/CFT laws and requirements
• Money laundering and terrorist financing typologies and red flags
• Proliferation financing risks and indicators
• Customer due diligence and enhanced due diligence procedures
• Sanctions screening and compliance
• Transaction monitoring and suspicious activity detection
• STR filing requirements and procedures
• Record keeping obligations
• Confidentiality and tipping-off prohibitions

12. Governance and Oversight

12.1 Money Laundering Reporting Officer (MLRO)

We have appointed a Money Laundering Reporting Officer responsible for:

• Overseeing AML/CFT compliance program
• Approving and filing STRs with STRO
• Liaising with law enforcement and other authorities
• Reviewing high-risk customers and transactions
• Reporting to senior management and the Board

12.2 Independent Audit and Review

Our AML/CFT program is subject to independent audit and review:

• Annual internal audit by independent audit function
• External auditor review of AML/CFT controls
• Regulatory inspections and examinations
• Continuous improvement based on audit findings and regulatory feedback

12.3 Board and Management Oversight

• Board approval of AML/CFT policies and program
• Regular reporting to Board and senior management on compliance status
• Adequate resources allocated to AML/CFT function
• Tone from the top emphasizing compliance culture

13. Third-Party Reliance

Where we engage third-party service providers for KYC or due diligence functions:

• Third parties are appropriately vetted and approved
• Written agreements clearly define responsibilities and standards
• Third parties are required to comply with Singapore AML/CFT standards
• Regular monitoring and oversight of third-party performance
• Sirius Digital retains full responsibility for AML/CFT compliance regardless of third-party involvement

14. Consequences of Non-Compliance

Our zero-tolerance approach ensures full compliance with all AML/CFT obligations and protects our business, customers, and the integrity of Singapore's financial system.

15. Customer Cooperation

We require full cooperation from our customers to meet our AML/CFT obligations:

• Provide Accurate Information: Customers must provide true, complete, and current information
• Respond to Requests: Timely response to requests for additional information or documentation
• Update Information: Notify us promptly of any changes to customer details, beneficial ownership, or business activities
• Cooperate with Inquiries: Respond to questions about the source, purpose, or destination of funds

16. Contact Information

For questions about our AML/KYC policies or to provide required documentation: