[CLIproxy] Anti Money Laundering and Counter Terrorist Financing Compliance Statement

Effective Date: April 5, 2025

Document Number: POL-AML-2025

1. Compliance Commitment

[CLIproxy] will strictly follow the following guidelines:

Comply with anti money laundering (AML), counter-terrorism financing (CFT), and sanction compliance laws and regulations in all jurisdictions where the business operates Fully adopt the FATF (Financial Action Task Force on Money Laundering) Forty Recommendations and Standards Establish a dynamic risk management system covering global business

2. Core control measures

(1) Customer Due Diligence (CDD)

Basic verification

All customers are required to provide valid government issued identification when opening an account Verify the identity of the actual beneficiary (natural persons holding ≥ 10% of the shares) Risk classification management Low risk clients: simplified due diligence Medium risk clients: Verify the source of funds+declare the purpose of the transaction High risk clients: senior management approval+semi annual review Enhanced Due Diligence (EDD)

Applicable to: Politically Exposed Persons (PEPs), Virtual Asset Service Providers, High Risk Country Customers, Cash Intensive Industries

(2) Transaction monitoring

Deploying intelligent monitoring systems to identify suspicious patterns in real time (such as complex transactions without reasonable reasons deliberately avoiding reporting thresholds, splitting transactions into high-risk jurisdictions, and rapid fund transfers) The compliance team implements a three-level manual review process for system alerts

(3) Mandatory reporting

Large transaction report

Accumulated daily transactions exceeding the equivalent of $10000

Suspicious Activity Report (SAR/STR)

Report to the local financial intelligence agency within 24 hours after confirmation

Major cases initiate cross-border regulatory collaboration mechanism

(4) Sanctions Compliance

Daily screening of UN/OFAC/EU/UK and other sanction lists Automatically freeze matching accounts and initiate legal review procedures

3. Organizational support

Governance structure

The board of directors directly supervises compliance work

Global Chief Compliance Officer reports independently to CEO

Staff management

Annual training for all staff+quarterly assessment for high-risk positions Protected anonymous reporting channel (official website/hotline)

independent audit

Annual Compliance Effectiveness Assessment of External Audit Institutions

4. Customer Obligations

You must:

Provide authentic, complete, and timely updated identity and business information Cooperate with ongoing due diligence requirements

It is prohibited to use our services for the following activities:

• Money laundering or terrorist financing

• Evading international sanctions

• Concealing criminal proceeds

5. Data management

Customer identity information shall be kept for at least 5 years after the termination of the business relationship Transaction records shall be kept for at least 7 years after the transaction occurred Cross border data transmission complies with privacy regulations such as GDPR/CCPA