These Internal Control Rules for Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) (hereinafter - AML/CTF) define the procedure for conducting AML/CTF activities in LLC "Fintopio Virtual Assets" (hereinafter - the Company) in accordance with the legislation of the Russian Federation.

• Money Laundering: actions aimed at giving a legal appearance to money obtained illegally.
• Terrorism Financing: providing or collecting funds with the intention of using them to commit terrorist acts.
• Client: an individual or legal entity with whom the Company enters into business relations.

The Company is obliged to identify all its clients. Client identification includes the collection of the following data:

• for individuals: full name, date and place of birth, citizenship, details of the identity document, residential address;
• for legal entities: name, registration number, tax identification number, legal address, information about the manager.

Client verification includes checking the accuracy of the provided data:

• comparing data with state registers and databases;
• requesting additional documents and information if necessary.

The Company is obliged to continuously monitor client transactions to identify suspicious transactions:

• analyzing the volume and nature of transactions;
• comparing transactions with the client's profile.

Suspicious transactions are those that meet the following criteria:

• volumes and frequency of transactions uncharacteristic for the client;
• transactions inconsistent with the client's financial status;
• transactions involving persons from the terrorist list.

Company employees are required to identify suspicious transactions and transmit information about them to the employee responsible for AML/CTF.

The employee responsible for AML/CTF conducts an analysis of suspicious transactions and decides whether further investigation and notification of the authorized bodies is necessary.

The Company is obliged to notify Rosfinmonitoring about identified suspicious transactions in the prescribed manner:

• submitting reports on suspicious transactions through the personal account on the Rosfinmonitoring website;
• providing additional information upon request from Rosfinmonitoring.

The Company conducts AML/CTF risk assessments on a regular basis:

• analyzing potential risks depending on the type of clients, provided services, and geographical location.

The Company takes measures to mitigate AML/CTF risks:

• implementing additional client verification procedures;
• limiting transactions with high-risk clients.

The Company maintains records of all AML/CTF activities, including client identification, verification, and monitoring.

The storage period for information and documents is at least five years from the date of termination of business relations with the client.

The Company develops and implements staff training programs on AML/CTF issues:

• conducting regular training sessions and seminars;
• familiarizing with the latest legislative changes.

The employee responsible for AML/CTF is required to undergo qualification improvement at least once every two years.

The Company is responsible for complying with these Rules and fulfilling the requirements of AML/CTF legislation.

Company employees are personally responsible for fulfilling their AML/CTF duties.

These Rules come into force upon approval by the Company's management and remain in effect until they are canceled or replaced by new rules.

The Company undertakes to regularly review and update these Rules in accordance with changes in legislation and AML/CTF practices.