AML/KYC POLICY

1. General Provisions

1.1. Nexory Labs OÜ, a company registered under the laws of the Republic of Estonia, registration code 17496011, with its registered address at: Harju maakond, Tallinn, Põhja-Tallinna linnaosa, Telliskivi tn 57, 10412 (hereinafter – the "Company"), complies with the laws of the Republic of Estonia, the European Union regulations, and international standards related to anti-money laundering (AML), counter-terrorist financing (CFT), sanctions compliance, and Know Your Customer (KYC) procedures.

1.2. This Policy defines the key principles, procedures, and measures implemented by the Company for the purpose of:

• preventing the Company's activities from being used for unlawful financial operations;
• ensuring an appropriate level of compliance;
• verifying clients, counterparties, and business partners;
• complying with financial monitoring and sanctions regulations.

2. Nature of the Company's Activities

2.1. The Company operates in the fields of:

• digital marketing;
• online promotion;
• development of digital solutions;
• marketing and communication support for technology and blockchain projects.

2.2. The Company provides exclusively marketing, informational, technological, and consulting services.

2.3. The Company:

• is not a financial institution;
• does not provide investment, brokerage, payment, or exchange services;
• does not engage in asset management activities;
• does not operate as a cryptocurrency exchange or custodial service provider;
• does not accept deposits;
• does not hold client funds;
• does not conduct financial transactions on behalf of clients.

2.4. Any payments received by the Company constitute payment exclusively for marketing, advertising, technological, or consulting services provided by the Company.

3. Purpose of the AML/KYC Policy

3.1. The Company implements AML/KYC procedures for the purposes of:

• preventing money laundering;
• preventing terrorist financing;
• detecting fraud and unlawful activities;
• complying with sanctions restrictions;
• ensuring transparency of clients' source of funds and business activities;
• minimizing compliance risks.

4. Scope of the Policy

4.1. This Policy applies to:

• clients;
• counterparties;
• service providers;
• business partners;
• payments and financial transactions related to the Company's activities.

4.2. The Policy applies to:

• payments for marketing and digital services;
• international bank transfers;
• verification of clients and counterparties;
• verification of source of funds and business reputation.

5. KYC (Know Your Customer) Procedures

5.1. Verification of Individuals. The Company may request and verify:

• full legal name;
• date of birth;
• residential address;
• contact information;
• identity documents;
• information regarding source of funds or nature of activities.

5.2. Verification of Legal Entities. For legal entities, the Company may verify:

• company name;
• registration number;
• registered address;
• ownership structure;
• directors and ultimate beneficial owners (UBOs);
• website and business activity description;
• source of funds and nature of business activities.

5.3. Verification of Documents and Information

5.3.1. The Company may:

• verify documents through official registries;
• use international compliance tools;
• conduct risk analysis of clients and transactions;
• request additional documents or explanations.

5.3.2. The Company reserves the right to refuse cooperation in cases of:

• failure to provide required information;
• suspicion regarding the legality of activities;
• identification of compliance risks;
• submission of false or misleading documents or information.

6. Sanctions Compliance

6.1. The Company screens clients, counterparties, and transactions against international sanctions lists, including:

• European Union sanctions lists;
• United Nations Security Council sanctions lists;
• OFAC sanctions lists (United States);
• HM Treasury Sanctions List (United Kingdom);
• other applicable sanctions registries.

6.2. The Company reserves the right to:

• refuse to provide services;
• suspend cooperation;
• block transactions;
• terminate contractual relationships,

in cases involving sanctions risks or restrictions.

7. Monitoring and Risk Assessment

7.1. The Company monitors business relationships and financial transactions for the purpose of identifying:

• unusual or suspicious transactions;
• inconsistencies between activities and the client's business profile;
• sudden increases in payment volumes;
• potential signs of fraud or sanctions circumvention.

7.2. The Company may conduct additional verification of clients and payments in cases of elevated risk.

8. Reporting Suspicious Activities

8.1. Where required by law, the Company may report to competent authorities:

• suspicious transactions;
• potential money laundering activities;
• sanctions violations;
• other unlawful activities.

8.2. Such reports are made in accordance with the laws of the Republic of Estonia and applicable international regulatory standards.

9. Record Keeping and Information Retention

9.1. The Company retains:

• KYC documentation;
• information about clients and counterparties;
• transaction records;
• verification results;
• compliance documentation,

for the periods required by the laws of the Republic of Estonia and applicable international requirements.

9.2. Documents and data are stored using appropriate security and confidentiality measures.

10. Confidentiality and Data Protection

10.1. All information obtained within AML/KYC procedures is processed confidentially and in accordance with GDPR and applicable data protection laws.

10.2. Access to such information is limited to authorized persons only.

11. Internal Control and Policy Updates

11.1. The Company periodically reviews this Policy taking into account:

• changes in legislation;
• changes in business activities;
• new compliance risks;
• international AML/CFT recommendations.

11.2. The Company reserves the right to modify or update this Policy at any time.