KYC AND AML POLICY

Last updated December 11, 2024

ANTI-MONEY LAUNDERING (“AML”) AND KNOW YOUR CUSTOMER (“KYC”) POLICY (hereinafter referred to as the “Policy”)


1. Purpose and overview

Kairon Labs BV (“Kairon Labs”) is committed to the highest standards of compliance, transparency, and security in its algorithmic liquidity provision services for cryptocurrency markets. This policy establishes a framework for compliance with applicable Anti-Money Laundering (AML) and Know-Your-Customer (KYC) regulations, as well as international standards and guidelines designed to combat financial crimes and ensure transparency and security.

This policy applies to all employees, contractors, clients, and stakeholders and aims to prevent financial crimes such as money laundering (ML), terrorist financing (TF), and fraud while fostering a secure and transparent environment.

2. Policy Objectives

The primary objectives of this policy are to:

  • Prevent the misuse of Kairon Labs’ services for illicit activities, including ML, TF, and fraud;
  • Identify and mitigate financial crime risks effectively;
  • Ensure full compliance with applicable AML/KYC laws and regulations;
  • Protect the integrity and reputation of Kairon Labs; and
  • Establish a secure operational environment for clients, employees, and partners.

3. Governance and Oversight

Kairon Labs has designated a Compliance Specialist responsible for:

  • Monitoring compliance efforts and ensuring adherence to evolving regulatory requirements;
  • Acting as the primary contact for regulatory inquiries and internal compliance matters; and
  • Conducting regular reviews and audits of AML/KYC processes.

4. Minimum Standards

4.1 Client Due Diligence

4.1.1 Identification and Verification Requirements

Individuals

Kairon Labs collects the following information during the KYC process:

  • Personal Information: Full legal name, date of birth, nationality, and government-issued identification (passport, identity card);
  • Contact Information: Residential address, phone number, and email address;
  • Financial Information: Source of funds, income details, wallet Ownership;
  • Verification Documents
    • Proof of identity (government-issued ID);
    • Proof of address (utility bill, bank statement, or official correspondence);
    • Proof of wallet ownership (e.g., signed wallet message or screenshot);
    • Supporting documentation for the source of funds.
  • Risk-Related Data
    • Geographical risk (FATF high-risk jurisdictions);
    • Politically Exposed Person (PEP) status;
    • Bearer shares or nominee shareholders;
    • Sanctions screenings and adverse media checks.

Businesses

  • Business Information: Legal name, registration number, and address.
  • Verification Documents
    • Proof of incorporation (registration certificate, articles of incorporation);
    • Proof of identity and address for Ultimate Beneficial Owners (UBOs) and Senior Management Officials (SMOs);
    • Financial information (source of funds, financial statements);
    • Proof of wallet ownership (signed wallet message or screenshot);
    • AML and KYC policies and procedures.
  • Group Structure: A diagram detailing the ownership and control structure.
  • Supporting Documents: Investor capital disclosure, legal opinion, list of directors or senior management officials, core team member biography, tokenomics documentation and team token allocation documentation.

Trusts and Foundations

  • Formation Documents: Establishing the trust or foundation’s purpose and activities;
  • Identification of Trustees/Key Parties: UBOs and key individuals;
  • Ownership and Control Structure: A detailed diagram or narrative.

4.1.2 Risk Assessment and Categorization

Clients are categorized as low, medium, or high risk based on :

  • Entity Risk: Client entity type (individual, business, or trust).
  • Industry Risk: Exposure to financial crimes based on industry.
  • Country Risk: Residency or operation in high-risk jurisdictions.
  • Ownership Transparency: Complexity or obscurity of ownership structure.
  • PEP Status: Association with politically exposed persons.
  • Adverse Media and Sanctions: Results from screenings.
  • Bearer Shares: Identification of ownership due to heightened anonymity risks.
  • Nominee Shareholders: Identification of ownership due to heightened anonymity risks.
  • Ultimate Beneficial Owner (UBO): Assessment of the UBO’s risk exposure.

4.1.3. Enhanced Due Diligence

For clients identified as high(er) risk, Kairon Labs implements Enhanced Due Diligence (EDD) measures to ensure comprehensive risk assessment and mitigation. These measures may include collecting additional documentation, conducting more frequent monitoring, and obtaining senior management approval before establishing or continuing the business relationship.

4.1.3.1. Enhanced Due Diligence Measures

EDD measures may include requesting the following documentation :

  • Financial Records
    • Bank statements reflecting the origin and flow of funds.
    • Detailed business financial records, including audited statements or tax filings.
  • Wallet Screening
    • Cryptocurrency trade history and wallet activity.
    • Token deployment contracts and token distribution models, particularly for blockchain or tokenized assets.
  • Legal and Operational Documentation
    • Agreements, invoices or other documents substantiating the economic activities.
    • Proof of legitimate operations, such as licenses or registrations.

Verification Process

  • Additional measures may be employed to validate the authenticity of provided documentation, such as contacting issuing institutions, cross-referencing public records, or utilizing blockchain analytics tools.
  • Where necessary, Kairon Labs may require further clarification or supplementary evidence to confirm the legitimacy of the client’s source of funds or wealth.

These measures are designed to ensure that the client’s financial activities are consistent with their declared operations and registrations, reducing the risk of financial crimes and reinforcing the integrity of Kairon Labs’ compliance framework.

4.2. Ongoing Monitoring

Kairon Labs conducts periodic and risk-based reviews to ensure that client documents, data, and information remain current and accurate. Reviews are conducted at varying frequencies based on the client’s risk level, with high-risk clients undergoing more frequent assessments than medium- or low-risk clients. For higher-risk clients, enhanced monitoring is implemented, involving continuous assessment of client activities, transaction patterns, and any behavioral changes. Significant updates in the client’s profile, such as alterations in ownership structure, transaction volume, or findings from adverse media checks, will trigger a reassessment of the client’s risk rating. When new risk factors are identified, additional due diligence measures are applied to address potential threats. This approach ensures ongoing compliance and effective management of emerging risks throughout the client relationship.

5. Transaction Monitoring

Kairon Labs employs a transaction monitoring framework supported by tools like Chainalysis to oversee client transactions and ensure compliance with global standards. Wallet screening plays a critical role in this process, assessing the risk associated with cryptocurrency wallets. Wallets are categorized as low-risk, medium-risk, or high-risk based on their activity, transactional behavior, and association with known risk factors. In addition to such monitoring, periodic reviews of wallet activity are conducted to ensure the risk categorization remains accurate and up-to-date. These reviews evaluate changes in transactional patterns, links to flagged entities or individuals, and any new risk factors that may arise.

6. Offboarding Process

Kairon Labs follows a structured offboarding process to terminate business relationships transparently while mitigating risks. This process applies to all clients, including high(er)-risk cases.

  • Initiation: Identify and document the reason for offboarding (e.g., elevated risk or non-compliance) and formally notify the client, outlining remaining obligations.
  • Final Risk Assessment: Review the client’s activities, such as flagged transactions or high-risk ties, and document unresolved risks.
  • Documentation Verification: Collect pending records (e.g., transaction history, ownership disclosures) and verify their legitimacy.
  • Regulatory Reporting: Report suspicious activities to ensure all regulatory requirements are met.
  • Termination of Services: Revoke platform access and finalize outstanding obligations.
  • Data Retention: Securely store essential records for the legally required duration and delete non-essential data where applicable.
  • Post-Offboarding Monitoring: Monitor residual risks and cooperate with authorities if further information is needed.

7. Data Retention

All Records of (personal) data obtained for the purposes of the prevention of money laundering and terrorism financing or other illicit activities are processed and kept in accordance with the applicable legal requirements and shall not be further processed in a way that is incompatible with those purposes.

8. Internal Controls

Reporting and Escalation: Suspicious transactions will be reported in compliance with the respective laws and regulations by means of the responsible person. Issues and activity reports are reviewed on a regular basis. The quality of coverage of the internal control will be reviewed on a regular basis.

Employee Training: Regular AML/KYC training ensures employees can identify and report risks.

9. Technology and Tools

Kairon Labs utilizes advanced technology to enhance its compliance processes :

  • Dotfile: For KYC onboarding, risk assessment, and document management
  • Chainalysis: For blockchain analytics and wallet monitoring
  • Sanctions Screening: Real-time PEP and sanctions check

10. Data Privacy and Consent

Data collection, processing, and sharing are governed by the Consent and Data Privacy Agreement, ensuring transparency and compliance with GDPR. Clients have the right to (i) access their personal data and (ii) request corrections or deletions, subject to regulatory requirements.

11. Policy Review and Updates

This policy is reviewed annually or as needed to reflect changes in regulations, industry standards, or organizational priorities.

12. Conclusion

Kairon Labs is steadfast in its commitment to upholding the highest standards of compliance, security, and transparency in the cryptocurrency industry. By adhering to robust KYC/AML policies and continuously adapting to evolving regulatory requirements, we aim to prevent financial crimes, safeguard our reputation, and foster trust with our clients, partners, and stakeholders. This policy serves as a cornerstone of our efforts to maintain integrity, ensure regulatory compliance, and provide a secure environment for all parties involved. Adherence to this policy is mandatory and reflects our dedication to ethical business practices and long-term success.