AML/CTF Policy

Last Updated: March 27, 2026

This AML/CTF Policy regulates the procedures for customer identification and verification (KYC) in accordance with applicable laws and international standards, transaction monitoring, as well as measures aimed at preventing the use of the Service for money laundering, terrorist financing, or other illegal activities.

1. Definitions

KYC (Know Your Customer) — procedures aimed at identifying and verifying the identity of clients.

AML/CFT (Anti-Money Laundering and Combating the Financing of Terrorism) — procedures designed to prevent and detect money laundering and the financing of terrorism.

Proof of Funds (PoF) - provision of documents or information confirming the source and legality of the user’s funds.

Source of Funds (SoF) - provision of information regarding the origin of funds used in a specific transaction to confirm their legality.

High-Risk Transaction - a transaction that exhibits characteristics indicating an increased risk of money laundering or terrorist financing (e.g., unusual transaction amounts, funds originating from high-risk jurisdictions, links to sanctions, or other suspicious factors).

High-Risk Address Labels - a risk assessment (label/tag) assigned by analytical AML systems to cryptocurrency addresses when a connection to suspicious or prohibited activity is identified, including, but not limited to: involvement in darknet marketplaces, scams, transactions with stolen funds, sanctions exposure, and other high-risk categories within AML/CFT frameworks.

Dark Market — an online platform specializing in the sale of illegal goods or services (for example, drugs, weapons, or stolen personal data).

Sanctions — restrictions or prohibitions imposed by international organizations or governments on countries, legal entities, or individuals in connection with violations of international law or standards.

Stolen Coins — cryptocurrency units obtained through theft or fraud and/or included in sanction lists or criminal investigation databases.

Scam (Fraud) — a deceptive scheme leading to the loss of money or other valuable assets. In the cryptocurrency context, this includes fraudulent ICOs, Ponzi schemes, and other manipulative activities.

2. User Identity Verification (KYC)

2.1. The User agrees to undergo identity verification upon the Company’s request and in accordance with its requirements. The Company may request additional documents to verify the identity or a specific transaction in order to comply with legislation and internal policies. Verification may apply both to the User and to the Recipient of funds under a transaction, particularly when cash is issued or signs of increased AML/CTF risk are present. Third-party KYC services may be engaged to verify the authenticity of the provided information. Refusal to provide documents may result in the suspension or termination of services.

2.2. The verification process may include (but is not limited to):

• Identification document (passport, international passport, ID card, driver’s license, etc.);
• Selfie for identity confirmation;
• Additional information required for full verification in accordance with international KYC standards (e.g., phone number, email address, etc.).
• Provision of information and/or documents within the framework of the Proof of Funds (PoF) procedure;
• Provision of information and/or documents within the framework of the Source of Funds (SoF) procedure.

The requested information is necessary to comply with international AML/CTF standards and to confirm the client’s identity.

3. Verification Procedures

3.1. The Company has developed a system for identifying high-risk transactions and other unlawful activities, taking into account the risks of money laundering and terrorist financing.

In compliance with AML/CFT requirements, the Company uses a combination of analytical tools, including external services, as well as internal monitoring procedures to assess risks associated with transactions and User activity.

The assessment is based on a risk-based approach and takes into account a combination of factors, not limited solely to the indicators reflected in analytical tools. Such factors include, but are not limited to: geographic risks, sanctioned addresses and services, the use of obfuscation tools (mixers, bridges), as well as other indicators of increased risk.

In order to prevent circumvention of control mechanisms and in accordance with applicable regulatory requirements, the Company does not disclose the parameters of its monitoring systems, including threshold values, internal rules, and other risk assessment criteria. Such information is considered confidential.

The Company reserves the right to suspend operations and freeze funds until the required information is provided and all necessary checks are completed.

To reduce the risk of funds being frozen, the Company recommends that Users:

• to complete an AML check in advance or submit the address to the operator for a preliminary risk assessment before initiating an exchange operation (the preliminary check can be conducted via a monitoring service by providing the required data to the operator);
• regularly review the current version of this Policy;
• use only reputable international AML-check services for transaction screening.

A low AML risk level does not guarantee the successful crediting of funds for an exchange operation and only indicates a reduced level of risk; the final assessment of a deposit transaction is possible only after the actual receipt of funds; even in the absence of high-risk labels, the transaction may be subject to additional review for compliance with the Service’s internal policies and requirements.

3.2. The Company conducts continuous monitoring of all User transactions in order to identify abnormal or suspicious activities. For these purposes, the Company uses crystalintelligence.com and/or other reputable analytical resources at its discretion, which may be applied either in combination or separately.

Within the scope of this Policy, a “suspicious transaction” means any transaction that:

• involves funds obtained through illegal activity or is intended to conceal or disguise the origin of such funds;
• aims to evade legal obligations related to accounting or reporting;
• lacks an apparent business or lawful purpose;
• facilitates criminal activity (such as fraud, money laundering, terrorist financing, corruption, sanctions violations, or other high-risk categories).

3.3. If the established AML risk threshold is exceeded or funds with a high-risk status are identified (including Dark Market, Sanctions, Stolen Coins, Scam, etc.), the Company reserves the right to:

• suspend the transaction or freeze (withhold) funds until the investigation, full identity verification, and financial information review are completed;
• request a photo or video of the user holding an identity document;
• request screenshots or videos from the user’s crypto wallet account;
• request other materials and documents related to the transaction, including those of the recipient specified in the Exchange Request;
• refuse to transfer funds to third-party accounts without explanation.
• request additional materials within the framework of PoF/SoF procedures.

In the event that the requested information is not provided or no response is received from the User within 3 (three) months, the funds may remain frozen until all Company requirements are fulfilled.

After all required documents and information have been submitted, the standard review period is up to 12 (twelve) business days.

Funds frozen due to sanctions-related restrictions may remain blocked until such restrictions are lifted.

3.4. The Company may successfully complete an exchange transaction only after:

• performing full user identity verification in accordance with this Policy and international KYC standards;
• assessing the transaction’s risk, including checks for links to high-risk sources, sanctions, Dark Market, Stolen Coins, Scam, and other risk indicators defined in this Policy;
• verification of all documents and information provided by the User, including identification data, screenshots or videos from wallets, as well as other materials within the framework of PoF/SoF procedures, if the transaction is classified as high-risk.

4. Restricted Territories and Sanctions

The Company does not provide services to individuals located in or associated with the territories of the following states and regions: Republic of Abkhazia, Republic of South Ossetia, Nagorno-Karabakh Republic, Turkish Republic of Northern Cyprus, Pridnestrovian Moldavian Republic, as well as territories temporarily not controlled by the Government of Ukraine, including the Autonomous Republic of Crimea, and certain areas of the Donetsk and Luhansk regions.

In addition, the Company does not provide services to individuals included in applicable sanctions lists, including those of the United Nations, the European Union, Her Majesty’s Treasury (UK), and the U.S. Office of Foreign Assets Control (OFAC).
The Company regularly screens Users against these lists and reserves the right to suspend or terminate any account that poses a sanctions-related risk.

5. Reporting of Suspicious Activities

The Company’s employees continuously monitor transactions and User behavior for signs of suspicious activities.
If such activities are detected, the employees shall immediately notify Company management and submit a report to the relevant regulatory or law enforcement authorities in accordance with applicable law.

Additionally, in such cases, the Company may:

• request additional information or documents from the User;
• suspend or terminate the User’s account;
• freeze funds until the investigation is completed.

6. Freezing and Completion of Transactions

To ensure compliance with AML/CTF legislation, prevent fraud, and protect the rights and lawful interests of the Company and its Users, the Company reserves the right to temporarily suspend or freeze transactions and User funds when an increased risk, suspicious activity, or inconsistencies in submitted data are detected.

Such cases may include transactions involving:
high-risk sources, sanctioned individuals or restricted territories, Dark Market, Stolen Coins, Scam, or other indicators defined in this Policy.

Refunds or completion of exchange operations are carried out only after:

• successful identity verification of the User;
• confirmation of the authenticity of all submitted documents and information;
• successful completion of an internal security review.

All inquiries regarding frozen funds are accepted only through official communication channels listed on the Service’s website and from the email address or Telegram account provided by the User when submitting the Exchange Request. Funds may remain temporarily withheld until all required procedures are fully completed.

7. Data Retention

All documents and data provided by Users, including the results of verification procedures, are retained for at least five (5) years after the termination of the relationship with the User.
The Company collects, stores, and protects Users’ personal data in accordance with applicable data protection regulations, as well as requirements for anti-money laundering and counter-terrorism financing (AML/CTF).
Records of verifications and transactions are provided to competent regulatory or law enforcement authorities only upon a lawful request.

8. Policy Updates

The Company may periodically update this Policy to reflect changes in legislative or regulatory requirements, as well as to improve internal procedures.
The Policy may be amended unilaterally by the Company’s management without notifying Users.
All updates are published on our website with the date of the latest revision displayed at the top of the page.

9. Contacts

If you have any questions regarding this Policy or the Company’s procedures, please contact us via email: support@001k.exchange or Telegram.