AML/CTF & KYC program

WILDPAY - KYC & AML/CTF COMPLIANCE POLICY

DOCUMENT CONTROL

Policy Title: Anti-Money Laundering, Counter-Terrorist Financing & Know Your Customer Policy

Policy Owner: Chief Compliance Officer, WILDX LIMITED

Effective Date: [Date]

Last Review Date: [Date]

Next Review Date: [Date + 1 year]

Approval Authority: Board of Directors, WILDX LIMITED

Version: 1.0

Applicability: All employees, contractors, subsidiaries, and business units of WILDX LIMITED trading as WILDPAY

1. POLICY STATEMENT & GOVERNING FRAMEWORK

1.1. Commitment to Compliance

WILDX LIMITED (trading as WILDPAY) is committed to the highest standards of Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and Know Your Customer (KYC) compliance. As a financial technology platform operating globally, we recognize our responsibility to prevent our Services from being used for illicit financial activities, including money laundering, terrorist financing, fraud, proliferation financing, and other financial crimes.

1.2. Regulatory Framework

This Policy is designed to ensure compliance with, but not limited to, the following legal and regulatory obligations:

United Kingdom: The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended), Proceeds of Crime Act 2002, Terrorism Act 2000.

European Union: 5th and 6th Anti-Money Laundering Directives (5AMLD/6AMLD).

United States: Bank Secrecy Act (BSA), USA PATRIOT Act, and regulations enforced by FinCEN.

International: Financial Action Task Force (FATF) Recommendations.

Local Jurisdictions: Applicable AML/CFT laws in all countries where our users reside or our partners operate.

1.3. Risk-Based Approach (RBA)

WILDPAY adopts a Risk-Based Approach to AML/CFT. This means we identify, assess, and understand the money laundering and terrorist financing risks to which we are exposed, and implement proportionate measures to mitigate and manage those risks effectively. Our risk assessment considers customer, product, service, transaction, geographic, and delivery channel risks.

2. ORGANIZATIONAL STRUCTURE & RESPONSIBILITIES

2.1. Appointment of Compliance Officer

The Board of Directors appoints a Chief Compliance Officer (CCO) with sufficient seniority, independence, and expertise. The CCO's responsibilities include:

Overseeing the implementation and daily operation of this Policy.

Acting as the central point for all AML/CFT matters and the Money Laundering Reporting Officer (MLRO).

Receiving and assessing internal suspicious activity reports (SARs).

Ensuring timely filing of SARs with the UK's National Crime Agency (NCA) and other relevant Financial Intelligence Units (FIUs).

Coordinating annual AML training for all staff.

Commissioning and reviewing the annual independent audit of the AML program.

Staying abreast of regulatory developments and updating policies accordingly.

2.2. Employee Responsibilities

All employees and contractors are required to:

Complete mandatory AML/CFT training upon hiring and annually thereafter.

Understand and adhere to this Policy in their daily activities.

Be vigilant for red flags and signs of suspicious activity.

Promptly report any suspicious activity or transactions to the CCO via the internal reporting channel.

Cooperate fully with compliance investigations.

3. CUSTOMER DUE DILIGENCE (CDD) & KYC PROCEDURES

3.1. Standard Customer Due Diligence (CDD)

All customers must complete CDD before onboarding and before accessing our full suite of Services. Standard CDD requires the collection and verification of:

Full Legal Name

Date of Birth

Residential Address (verified by a recent utility bill, bank statement, or government letter)

Official Government-Issued Photo ID: Passport, National Identity Card, or Driver's License.

Live Biometric Verification (Liveness Check): A real-time selfie matched against the submitted ID document using our third-party provider (e.g., Veriff).

3.2. Enhanced Due Diligence (EDD)

EDD measures are mandatory for customers or situations identified as presenting a higher risk. EDD includes all Standard CDD plus:

A. Situations Triggering EDD:

Politically Exposed Persons (PEPs): Foreign and domestic PEPs, their family members, and close associates.

Customers from High-Risk Third Countries: Jurisdictions identified by the FATF, EU, or UK as having strategic AML/CFT deficiencies.

High-Risk Business Sectors: e.g., Crypto Asset Service Providers (CASPs), gambling services, arms dealers, non-profit organizations from high-risk zones.

Unusual or Complex Transaction Patterns: Transactions with no clear economic or lawful purpose, inconsistent with the customer's profile.

High-Value Transactions: Exceeding pre-defined thresholds based on the customer's risk category.

B. EDD Measures Include:

Obtaining additional information on the source of wealth (SoW) and source of funds (SoF).

Conducting independent adverse media and reputational checks.

Obtaining senior management approval to establish and continue the business relationship.

Implementing stricter transaction limits and more frequent ongoing monitoring.

3.3. Simplified Due Diligence (SDD)

SDD may be applied, where permitted by law, to customers assessed as presenting a low risk (e.g., certain listed companies, UK government entities). This involves verifying basic identity information but may exempt from ongoing detailed monitoring.

4. ONGOING MONITORING & TRANSACTION SCREENING

4.1. Real-Time Transaction Monitoring

We employ automated transaction monitoring systems to identify patterns of activity that are unusual, inconsistent with a customer's profile, or indicative of known money laundering typologies, such as:

Structuring (Smurfing): Breaking down large sums into smaller, less suspicious transactions.

Rapid Movement of Funds: In-and-out transactions with no legitimate purpose.

Circular Transactions: Funds sent between accounts with no apparent commercial rationale.

Transactions with High-Risk Jurisdictions.

4.2. Sanctions & Watchlist Screening

All customers (natural persons and legal entities), beneficial owners, and counterparties are screened in real-time and on a daily basis against:

Global Sanctions Lists: OFAC Specially Designated Nationals (SDN) List, UN Security Council Consolidated List, EU Consolidated List, UK HM Treasury Sanctions List.

Domestic Law Enforcement Lists.

Internal Blacklists.
Any positive match results in an immediate account block and escalation to the CCO.

5. SUSPICIOUS ACTIVITY REPORTING (SAR)

5.1. Internal Reporting Obligation

Any employee who knows, suspects, or has reasonable grounds to suspect money laundering or terrorist financing must immediately file an Internal Suspicious Activity Report (ISAR) with the CCO. The "suspicion" threshold is low and subjective.

5.2. External Reporting to Authorities

The CCO will assess all ISARs. Where there are reasonable grounds for suspicion, the CCO will file a formal Suspicious Activity Report (SAR) with the UK's National Crime Agency (NCA) without delay, normally within 30 days of the suspicion arising. In cases of suspected terrorist financing, reporting is IMMEDIATE.

5.3. Tipping-Off Prohibition

It is a criminal offense to make any disclosure that is likely to prejudice an investigation ("tipping-off"). Under no circumstances should a customer be informed that they are under investigation or that a SAR has been filed.

6. RECORD KEEPING

We maintain comprehensive records for the minimum periods required by law:

Customer Identification Data & KYC Documents: 5 years after the business relationship ends.

Account Files & Business Correspondence: 5 years after the business relationship ends.

Records of Transactions: 5 years from the date of the transaction.

SARs & Supporting Documentation: 5 years from the date of filing.

All records are stored securely, with controlled access, and in a format that allows for prompt retrieval by competent authorities.

7. TRAINING PROGRAM

A mandatory AML/CFT training program is conducted for all relevant employees:

Frequency: At induction and annually thereafter.

Content: Legal obligations, recognition of red flags, internal reporting procedures, CDD/EDD requirements, sanctions, and "tipping-off" prohibitions.

Records: Attendance and comprehension are recorded.

8. INDEPENDENT AUDIT

The effectiveness of this AML/CFT program is subject to an annual independent audit by an external party or an internal audit function separate from the compliance team. The audit report is presented directly to the Board of Directors.

9. THIRD-PARTY RELATIONSHIPS & PARTNER OVERSIGHT

We ensure that our critical service providers (e.g., Stripe, PayPal, banking partners) have robust AML/CFT controls in place. Our contractual agreements with these partners mandate their compliance with applicable laws and grant us audit rights where necessary.

10. POLICY ENFORCEMENT & DISCIPLINARY ACTION

Failure by any employee to comply with this Policy will be considered a serious disciplinary matter and may result in sanctions, up to and including termination of employment. Willful non-compliance may also lead to personal criminal liability.

11. POLICY REVIEW

This Policy is reviewed and approved by the Board of Directors annually, or more frequently in response to significant regulatory changes, emerging risks, or audit findings.

12. CONTACT & REPORTING

For questions regarding this policy, to submit an Internal SAR, or for law enforcement inquiries:

Compliance Department Email: compliance@wildpaywallet.com

Chief Compliance Officer: [Name of CCO]

Law Enforcement & Regulatory Requests: legal@wildpaywallet.com

Registered Office for Official Correspondence: WILDX LIMITED, 275 New North Road, London, England, N1 7AA.