This policy outlines the anti-money laundering (AML) and counter-terrorist financing (CFT) policies and procedures of Bitunix (or "we" in the text). This policy is intended to provide general information and does not create any legally binding obligations on Bitunix and/or any other individuals or entities.

Principles and Approach of Bitunix's AML/KYC Work

Bitunix is committed to supporting AML/KYC efforts. In principle, we strive to:

• Conduct due diligence when dealing with our clients or individuals acting on behalf of our clients.

  
  

• Conduct business according to high ethical standards and prevent the establishment of any business relationships that may be linked to money laundering or terrorist financing, or that may facilitate such activities.

  
  

• Provide maximum assistance to authorities and cooperate with them to prevent threats of money laundering and terrorist financing.

2. Bitunix's Risk Assessment and Mitigation Methods

The first layer of our approach includes strict customer identification procedures (KYC), which involve verifying the identity of individual and corporate clients. In addition to obtaining proof of identity, we also collect information on the beneficial owners of corporate clients, in line with international standards such as the Financial Action Task Force (FATF) requirements.

The second layer includes a risk-based system control to ensure that additional customer due diligence (CDD) is carried out. For this, we screen clients (including beneficial owners) against international sanctions lists. We may also screen against other lists at our discretion to protect our reputation and that of our clients.

The third layer involves continuous monitoring of suspicious activities. If we suspect or have reason to suspect that suspicious transactions are taking place, we will submit suspicious transaction reports (STR) to local regulatory authorities as appropriate. Typically, suspicious transactions are inconsistent with the customer's known legitimate business or daily transactional activity.

Risk Assessment:In this regard, we will:

• Record and/or collect documents regarding:

  
  

• The Government Gazette of Hong Kong,




• U.S. Office of Foreign Assets Control (OFAC) Sanctions List,




• United Nations Security Council Sanctions List,




• and other relevant sanctions lists.




• The identity of our clients.




• The country or jurisdiction from which our clients originate or in which they are located.




• Ensure that our clients, associated persons, individuals acting on behalf of our clients, and the clients' beneficial owners are assessed and screened against designated individual and entity lists, including (but not limited to) entities and individuals identified in:

Risk Mitigation:If any individual or entity is identified in such lists, we will not establish a business relationship with them.

3. Our Products, Practices, and Technical Approaches

We will provide appropriate advice on identifying and assessing potential money laundering and terrorist financing risks in the following areas:

• Development of new products and business practices, including new delivery mechanisms.

• Use of new or developing technologies for new and existing products.

We will pay particular attention to any new products or business practices that favor anonymity, including new delivery mechanisms and new or developing technologies such as digital tokens that support anonymity (whether securities, payment, and/or utility tokens).

4. Our Customer Due Diligence (CDD) Approach

We will not open, maintain, or accept anonymous or pseudonymous accounts. If we have any reasonable suspicion that a client’s funds or assets may originate from criminal activities, we will not establish a business relationship or conduct transactions with that client. We will file a suspicious transaction report (STR) and provide a copy to the relevant financial intelligence authority.

We will carry out CDD in the following situations:

• When establishing a business relationship with any client.

• When conducting transactions for clients who have not established a business relationship with us.

• When receiving cryptocurrency transfers on behalf of clients who have not established a business relationship with us.

• When there is suspicion of money laundering or terrorist financing.

• When there are doubts about the truthfulness or adequacy of any information.

Customer Identification:To authenticate our clients, we must at least know:

• Their full name, including any aliases.

• Their unique identification number (e.g., ID number, birth certificate number, or passport number; or, if the client is not an individual, their business registration number).

• Their registered address, or if different, the main business location.

• Their date of birth, incorporation, or registration.

• Their nationality or country of registration.

If the client is a legal entity, we will also obtain details of its legal form, governing documents, and its powers and authorities. Additionally, we will identify the related parties (e.g., directors, partners, and/or persons with executive powers) of the entity.

Verification of Client Identity:We will use reliable, independent source data, documents, or information to verify the identity of our clients. If the client is a legal entity or a legal arrangement, we will verify its legal form, proof of existence, governing documents, and powers using reliable sources.

Identification and Verification of Representatives:If a client appoints one or more individuals to represent them in dealings with us, we will obtain the following information to identify each representative:

• Their full name.

  
  

• Their unique identification number.

  
  

• Their address.

  
  

• Their date of birth.

  
  

• Their nationality.

  
  

• We will verify the identity of the representative using reliable, independent sources.

Beneficial Ownership Identification and Verification:We will inquire whether there are any beneficial owners associated with the client. If there are, we will identify and verify them using reasonable measures with reliable, independent data.

Verification for Legal Entities:For legal entities, we will identify the ultimate beneficial owners (individuals, whether acting alone or jointly) and, if there is doubt about the ultimate beneficial ownership, we will identify those who ultimately control the entity or hold significant influence over it.

Verification for Legal Arrangements:For trusts, we will identify the settlor, trustee, protector (if applicable), beneficiaries, and any individuals who exercise ultimate ownership, control, or effective control over the trust.

Record Keeping:We will retain appropriate records for at least five years, in compliance with applicable laws and regulations.

5. Enhanced Due Diligence (EDD)

Politically Exposed Persons (PEPs):We will use all reasonable means to determine whether a client, any person acting on behalf of the client, any associated persons, or beneficial owners are politically exposed persons (PEPs), or are family members or close associates of a PEP. If a client or beneficial owner is identified as a PEP, we will apply enhanced due diligence (EDD) measures, including:

• Obtaining approval from senior management to establish or continue the business relationship.

  
  

• Identifying and verifying the source of wealth and funds of the client and any beneficial owners.

  
  

• Increasing monitoring of transactions during the course of the business relationship.

High-Risk Categories:We recognize certain situations where a client may present a higher risk of money laundering or terrorist financing, such as:

• If the client or their beneficial owner is located in or originates from a jurisdiction where AML/CFT controls are insufficient.

  
  

For clients in high-risk categories, we will perform enhanced due diligence.

6. Handling of Anonymous Notes and Cash Payment Restrictions

In the course of conducting business, we will not accept or make cash payments of any amount.

7. Training and Compliance Policy

We will regularly train our staff on AML/CFT matters to ensure they are well-informed of the latest regulations and procedures.

8. Ongoing Monitoring

We will continuously monitor business relationships with clients. During this process, we will review transactions and assess them in line with our understanding of the client, their business, and risk profiles.

9. Suspicious Transaction Reporting (STR)

We will report suspicious transactions to the relevant authorities and maintain records of all such transactions.